Enabled nss emergency shell

Use this group policy to specify whether to use the default login shell when a user or group attempting to access the computer is not allowed to log on.

The default no-login shell and its location is typically platform-specific. For example, on Red Hat Linux the default shell for users who are denied access is:

/sbin/nologin

If this policy is Disabled or Not configured, by default, the nologin shell specified in the agent configuration file by the configuration parameter, nss.shell.nologin, is returned.

This group policy modifies the nss.shell.emergency.enabled parameter in the agent configuration file.