I have Samba 3.0 running on SuSE 9.0 using winbindd to
authenticate my users. Everthing works properly. I
have set the template shell for winbind to /bin/false
as I don't want to give everyone shell access to the
server.

However, there are some users that require shell
access. How can I set a real shell for those domain
users that need a shell on the machine ? What's the
procedure for overriding the winbind default of /bin
false for selected users?

I am wondering if there is an option to assign different shells to
specific users in a winbind setup. As far as I can see, the template shell
option is an "all or nothing" scenario. Is this the case?

I do not know much about winbindd but I would suspect that it only writes the shell information when you create an account. If this is true then you can use the following command to change the users shell:

chsh username <change username to users username>

Thank you for the reply

chsh -s /bin/false cat
chsh: can only change local entries; use ypchsh instead.

ypchsh cat
ypchsh: can't get local yp domain: Local domain name not set

thanks

solution is to copy the output of "getent user" to /etc/passwd then change the user shell to nologin