Users are managed in an LDAP database, via an LDAP server. So modifying /etc/default/useradd, which governs system file default behavior, is inappropriate.
The default shell can be changed by setting an AdvancedConfig that calls a script every time a new user is created. In /cm/local/apps/cmd/etc/cmd.conf the following parameter can be added:
AdvancedConfig = {"AddUserScript=/cm/local/apps/cmd/scripts/changeshell.sh"}
The script can be stored anywhere, but in this example it is in /cm/local/apps/cmd/scripts/. The ldapmodify command is used in the script to change the shell. When cmdaemon calls this script. it passes the username of the user that is being added as an argument. This script modifies the loginShell for that user in LDAP:
[root@bright81 etc]# cat /cm/local/apps/cmd/scripts/changeshell.sh #!/bin/bash ldapmodify -x -D "cn=root,dc=cm,dc=cluster" -w <password> -H ldaps://ldapserver <<! dn:uid=$1,dc=cm,dc=cluster changetype:modify replace:loginShell loginShell:/bin/csh !