The rpc.yppasswdd has an option to not allow shell changes (-s), but is
always passed a shell by the remote yppasswd. If an NIS client overrides the
shell provided by the ypserv, then yppasswd (pam_unix, actually, afaict)
will pass this new shell to the yppasswdd. If this shell has been set on the
client to a shell which is invalid on the server, a user will never be able
to change their password on the client.