+14Wondering if there is a way to change the default shell for all users?
I see that a user can themselves type
chsh -s shellname
e.g. csh -s zsh
but they have to authenticate. I could run a script at login, once, but not sure how to tackle the need to provide their password.
Also, I'd like to change the system so that new users have the newer shell (zsh)
Best answer by dlondon
This will change the above directory binding.
/usr/sbin/dsconfigad -shell /bin/zsh
+14I think this is what I need to edit on the existing AD binding on a machine
I can change the settings in Jamf for future binding. Just not sure where this lives on the local machine
+14This will change the above directory binding.
/usr/sbin/dsconfigad -shell /bin/zsh
+17This seemed to work for existing users:
dscl . -create /Users/𝘴𝘩𝘰𝘳𝘵𝘶𝘴𝘦𝘳𝘯𝘢𝘮𝘦 UserShell /bin/zsh
+14So it turns out that Active Directory has a user attribute called loginshell. That attribute overwrites the one in Directory Utility. I ended up just making a login script that runs once per user per machine
#!/bin/bash
# ChangeDefaultShellForUser.bash
# Set this to run once per user at login on the target machine
# Doing it this way because the AD user attribute loginshell is overiding our domain binding settings
# Intended for computer labs
# 2024-03-20 David London
# In a jamf policy would enter /bin/zsh for the $4 parameter
NewShell=$4
currentUser=$(stat -f%Su /dev/console)
echo "Current default shell for $currentUser:"
/usr/bin/dscl . -read "/Users/$currentUser" UserShell
echo
/usr/bin/dscl . -create "/Users/$currentUser" UserShell "$NewShell"
echo "New default shell for $currentUser:"
/usr/bin/dscl . -read "/Users/$currentUser" UserShell
exit 0
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
