When you’re asking your users to change their passwords from a website, it will be interesting to disable the ability to modify the password directly from the Mac OS X login window. The login window checks the expiration date of the passwords and ask the user to change it 30 days before.
This is a great solution if you’re using only one centralized Active Directory domain, but a bad thing if the Active Directory is not the only directory of your company and the password needs to be changed in other systems.
If you’re using a centralized system to change the passwords or an SSO system it will be important to disable this warning. To do that, you can edit this file :
And simply add this key :
In this case, the login window will never checks if the password expires soon. Thanks to the member of MacEnteprise that shares the solution.