Hello,
here is the config, user A admin, shell enabled, user B not admin shell disabled (/dev/null in NetInfo). If you don’t know how to disable shell see PS.
Note that on OS X.2, even if the shell is disabled, the user B gets Bash, can anyone confirm this strange behaviour ?
On OS X.1 the user, when he launch Terminal gets an error message saying that shell is prohibited.
My real question, to be tested both on 10.1 and 10.2 (that’s why I need your help), does a ‘do shell script’ script runs even if the shell is disabled for the user who launched the script ?
Does anybody can test this on his machines, a simple script like :
try
set MyResult to do shell script ‘mkdir /etc/tmp’
display dialog (MyResult as text)
on error
try
set MyResult to do shell script ‘mkdir /etc/tmp’ password “AdminPass” with adminitrator priviledges
display dialog (MyResult as text)
on error TheErr
display dialog "The problem is " & TheErr
end try
end try
should be enough to answer the question if launched from the not admin account (don’t forget to replace AdminPass by your admin password 
). The script tries to create a tmp directory in the etc dir, a command wich is only allowed to admins, so the first try must lead to the error, the second ‘do shell script’ includes the pass + the admin is shell allowed, so lets see if such a script, launched from a shell disabled account runs or not ?
Thanks for help
regards
Vartan
P.S. : to disable shell on a user account, launch NetInfo Manager, click on the lock give your admin pass, on the central column choose user, then the one you want to disable shell. In the lower frame find the shell property wich value must be /bin/tcsh and change it to /dev/null. Click on another user, the App asks you if you want to save the modifications, say yes, and that’s it. You can re-enable shell as soon as you want bu putting back /bin/tcsh in the shell value in NetInfo Manager.