When you’re asking your users to change their passwords from a website, it will be interesting to disable the ability to modify the password directly from the Mac OS X login window. The login window checks the expiration date of the passwords and ask the user to change it 30 days before.
This is a great solution if you’re using only one centralized Active Directory domain, but a bad thing if the Active Directory is not the only directory of your company and the password needs to be changed in other systems.
If you’re using a centralized system to change the passwords or an SSO system it will be important to disable this warning. To do that, you can edit this file :
/Library/Preferences/com.apple.loginwindow.plist
And simply add this key :
<key>PasswordExpirationDays</key> <integer>0</integer>
In this case, the login window will never checks if the password expires soon. Thanks to the member of MacEnteprise that shares the solution.
It also can be done via Terminal Commands or use ARD:
Backup the Original file just incase by the following command.
sudo cp /Library/Preferences/com.apple.loginwindow.plist /Library/Preferences/ORIG_com.apple.loginwindow.plist;
Add the key by the following command:
sudo defaults write /Library/Preferences/com.apple.loginwindow.plist PasswordExpirationDays -int 0;