If you want users to get the shell they want, then you need to set the
shell
they want in Active Directory, and make sure SSSD is configured to look at the
right attribute
I understand that it is the most elegant solution.
But because AD is not under my management we prefer to admin this stuff using linux-side
configs.
For now we use "default_shell = /bin/bash" for all machines.
If you're managing it by puppet, and you actually want the config
you
describe, you could just set default_shell for the machines differently, so
it's set to zsh on some and bash on others.
You're right again.
We just tried to keep all sssd.conf standard and choose user's shell based on
availability of zsh.
thank you, Vitaly