JSI Tip 0074 - How do I change the shell for selected users?

As mentioned in Locking down that Desktop, you can replace the shell by editing:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsNTCurrentVersionWinlogon
and replacing Explorer.exe with YourOwnShell.exe in the Shell value. This, however, is a global change and affects all users.

To effect only certain users, create a batch file %windir%System32userinit.bat in which you select the lucky users, running YourOwnShell.exe, but running Userinit.exe for everyone else. Edit:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsNTCurrentVersionWinlogonUserinit and replace Userinit with Userinit.bat. Do not change the Shell, leaving it as Explorer.exe. Here is a sample Userinit.bat (I have chosen to identify the "lucky" users by creating a %username%.lucky file on \YourPDCLucky$ to which everyone has list permission, but you can choose whatever mechanism you wish):

@echo off
if exists \YourPDCLucky$%username%.lucky goto YourS
\YourPDCC$winntsystem32userinit.exe
goto end
:YourS
\YourPDCC$winntsystem32YourOwnShell.exe
:end
exit

If you mess up while testing this (I did) and only a partial desktop loads:

CTRL+ALT+DEL, choose Task Manager / File / New Task / userinit.exe.