chsh for LDAP

The standard UNIX utility chsh doesn't work when account data is stored in LDAP, and there didn't seem to be any real LDAP-compatible chsh programs out there, so I wrote this script. It shows what needs to be done, but has all sorts of deficiencies:

• Its interface isn't compatible with the existing chsh.

• The account name to LDAP DN mapping is hardcoded in the script.
• It doesn't work for the root user.

• It checks that the chosen shell is executable and listed in /etc/shells only on the local host. This might not make sense in a network environment.