Using AD to propagate macOS UNIX loginshell

New Contributor

Does anyone have experience getting macOS to read the UNIX AD attribute loginshell or know which attribute Apple is using as user shell?

Currently our AD-bound lab machines either assign the same shell from Directory Utility on a per machine basis (not ideal because we need this to be per account across all lab machines) or it treat the user as having /usr/bin/false and close the SSH connection on the Network AD user.  chsh -s seems to only work for AD Mobile accounts with administrator privilege and we need this to work on none-privileged AD network accounts.
Any help would be greatly appreciated.
- Wayne