Change default shell for user

dlondon
Valued Contributor

Wondering if there is a way to change the default shell for all users?

I see that a user can themselves type 

chsh -s shellname

e.g. csh -s zsh

but they have to authenticate.  I could run a script at login, once, but not sure how to tackle the need to provide their password.

Also, I'd like to change the system so that new users have the newer shell (zsh)

3 ACCEPTED SOLUTIONS

dlondon
Valued Contributor

This will change the above directory binding.

/usr/sbin/dsconfigad -shell /bin/zsh

 

View solution in original post

joshuasee
Contributor III

This seemed to work for existing users:

 

dscl . -create /Users/𝘴𝘩𝘰𝘳𝘵𝘶𝘴𝘦𝘳𝘯𝘢𝘮𝘦 UserShell /bin/zsh

 

 

View solution in original post

dlondon
Valued Contributor

So it turns out that Active Directory has a user attribute called loginshell.  That attribute overwrites the one in Directory Utility.  I ended up just making a login script that runs once per user per machine

#!/bin/bash
# ChangeDefaultShellForUser.bash
# Set this to run once per user at login on the target machine
# Doing it this way because the AD user attribute loginshell is overiding our domain binding settings
# Intended for computer labs
# 2024-03-20 David London

# In a jamf policy would enter /bin/zsh for the $4 parameter
NewShell=$4

currentUser=$(stat -f%Su /dev/console)

echo "Current default shell for $currentUser:"
/usr/bin/dscl . -read "/Users/$currentUser" UserShell
echo 
/usr/bin/dscl . -create "/Users/$currentUser" UserShell "$NewShell"
echo "New default shell for $currentUser:"
/usr/bin/dscl . -read "/Users/$currentUser" UserShell

exit 0

View solution in original post

5 REPLIES 5

dlondon
Valued Contributor

I think this is what I need to edit on the existing AD binding on a machine

Screenshot 2024-02-27 at 7.22.14 pm.png

I can change the settings in Jamf for future binding.  Just not sure where this lives on the local machine

dlondon
Valued Contributor

This will change the above directory binding.

/usr/sbin/dsconfigad -shell /bin/zsh

 

joshuasee
Contributor III

This seemed to work for existing users:

 

dscl . -create /Users/𝘴𝘩𝘰𝘳𝘵𝘶𝘴𝘦𝘳𝘯𝘢𝘮𝘦 UserShell /bin/zsh

 

 

dlondon
Valued Contributor

Thanks @joshuasee  - appreciate the help :)

dlondon
Valued Contributor

So it turns out that Active Directory has a user attribute called loginshell.  That attribute overwrites the one in Directory Utility.  I ended up just making a login script that runs once per user per machine

#!/bin/bash
# ChangeDefaultShellForUser.bash
# Set this to run once per user at login on the target machine
# Doing it this way because the AD user attribute loginshell is overiding our domain binding settings
# Intended for computer labs
# 2024-03-20 David London

# In a jamf policy would enter /bin/zsh for the $4 parameter
NewShell=$4

currentUser=$(stat -f%Su /dev/console)

echo "Current default shell for $currentUser:"
/usr/bin/dscl . -read "/Users/$currentUser" UserShell
echo 
/usr/bin/dscl . -create "/Users/$currentUser" UserShell "$NewShell"
echo "New default shell for $currentUser:"
/usr/bin/dscl . -read "/Users/$currentUser" UserShell

exit 0