diff -up shadow-4.1.3-rc1/libmisc/find_new_gid.c.redhat shadow-4.1.3-rc1/libmisc/find_new_gid.c
--- shadow-4.1.3-rc1/libmisc/find_new_gid.c.redhat	2009-04-06 15:46:43.000000000 +0200
+++ shadow-4.1.3-rc1/libmisc/find_new_gid.c	2009-04-06 15:48:29.000000000 +0200
@@ -56,11 +56,11 @@ int find_new_gid (bool sys_group, gid_t 
 	assert (gid != NULL);
 
 	if (!sys_group) {
-		gid_min = getdef_ulong ("GID_MIN", 1000L);
+		gid_min = getdef_ulong ("GID_MIN", 500L);
 		gid_max = getdef_ulong ("GID_MAX", 60000L);
 	} else {
 		gid_min = getdef_ulong ("SYS_GID_MIN", 1L);
-		gid_max = getdef_ulong ("GID_MIN", 1000L) - 1;
+		gid_max = getdef_ulong ("GID_MIN", 500L) - 1;
 		gid_max = getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max);
 	}
 	used_gids = alloca (sizeof (char) * gid_max +1);
diff -up shadow-4.1.3-rc1/libmisc/find_new_uid.c.redhat shadow-4.1.3-rc1/libmisc/find_new_uid.c
--- shadow-4.1.3-rc1/libmisc/find_new_uid.c.redhat	2009-04-06 15:46:49.000000000 +0200
+++ shadow-4.1.3-rc1/libmisc/find_new_uid.c	2009-04-06 15:48:46.000000000 +0200
@@ -56,11 +56,11 @@ int find_new_uid (bool sys_user, uid_t *
 	assert (uid != NULL);
 
 	if (!sys_user) {
-		uid_min = getdef_ulong ("UID_MIN", 1000L);
+		uid_min = getdef_ulong ("UID_MIN", 500L);
 		uid_max = getdef_ulong ("UID_MAX", 60000L);
 	} else {
 		uid_min = getdef_ulong ("SYS_UID_MIN", 1L);
-		uid_max = getdef_ulong ("UID_MIN", 1000L) - 1;
+		uid_max = getdef_ulong ("UID_MIN", 500L) - 1;
 		uid_max = getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max);
 	}
 	used_uids = alloca (sizeof (char) * uid_max +1);
diff -up shadow-4.1.3-rc1/src/useradd.c.redhat shadow-4.1.3-rc1/src/useradd.c
--- shadow-4.1.3-rc1/src/useradd.c.redhat	2009-04-06 15:49:02.000000000 +0200
+++ shadow-4.1.3-rc1/src/useradd.c	2009-04-06 15:55:22.000000000 +0200
@@ -89,7 +89,7 @@ char *Prog;
 static gid_t def_group = 100;
 static const char *def_gname = "other";
 static const char *def_home = "/home";
-static const char *def_shell = "";
+static const char *def_shell = "/sbin/nologin";
 static const char *def_template = SKEL_DIR;
 static const char *def_create_mail_spool = "no";
 
@@ -101,7 +101,7 @@ static char def_file[] = USER_DEFAULTS_F
 #define	VALID(s)	(strcspn (s, ":\n") == strlen (s))
 
 static const char *user_name = "";
-static const char *user_pass = "!";
+static const char *user_pass = "!!";
 static uid_t user_id;
 static gid_t user_gid;
 static const char *user_comment = "";