https://docs.pagure.org/SSSD.sssd/users/ldap_with_ad.html
AD can create and store POSIX attributes, such as uidNumber, gidNumber, unixHomeDirectory, or loginShell.
Define the required user shell settings using these options:
shell_fallback sets a fallback value, which is used only if no shells are defined in AD
override_shell sets a value that always overrides the shell defined in AD
default_shell sets a default shell value
allowed_shells and vetoed_shells set lists of allowed or blacklisted shells
In the [domain] section, use one of these options:
fallback_homedir sets a fallback home directory format, which is used only if a home directory is not defined in AD
override_homedir sets a home directory template, which always overrides the home directory defined in AD