LDAP user is not prompted to change password on first login

Bug #1973073 reported by Andy
Affects: StarlingX | Status: Fix Released | Importance: Medium | Assigned to: Andy

Bug Description

Brief Description
-----------------
LDAP user is not prompted to change password on first login

Severity
--------
Major

Steps to Reproduce
------------------
1. Create an LDAP user:
controller-0:~$ sudo ldapusersetup
Enter username to add to LDAP: ldapuser25
Successfully added user ldapuser25 to LDAP
Successfully set password for user ldapuser25
Add ldapuser25 to sudoer list? (yes/NO): NO
Add ldapuser25 to secondary user group? (yes/NO): NO
Enter days after which user password must be changed [90]: 90
Error modifying user entry uid=ldapuser25,ou=People,dc=cgcs,dc=local in LDAP
Updating password expiry to 90 days
Enter days before password is to expire that user is warned [2]: 2
Error modifying user entry uid=ldapuser25,ou=People,dc=cgcs,dc=local in LDAP
Updating password expiry to 2 days

2. Log in to controller-1 as the LDAP user:
controller-0:~$ ssh -l ldapuser25 -o UserKnownHostsFile=/dev/null controller-1
The authenticity of host 'controller-1 (abcd:204::3)' can't be established.
ECDSA key fingerprint is SHA256:2xmrT7V1M9Iol+fuTXgQsv7+7FSOT3SFQZOtPxdLbNA.
ECDSA key fingerprint is MD5:07:21:97:1d:31:31:74:46:3b:db:01:78:ad:8f:ce:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'controller-1,abcd:204::3' (ECDSA) to the list of known hosts.
Release 22.06
------------------------------------------------------------------------
W A R N I N G *** W A R N I N G *** W A R N I N G *** W A R N I N G ***
------------------------------------------------------------------------
THIS IS A PRIVATE COMPUTER SYSTEM.
This computer system including all related equipment, network devices
(specifically including Internet access), are provided only for authorized use.
All computer systems may be monitored for all lawful purposes, including to
ensure that their use is authorized, for management of the system, to
facilitate protection against unauthorized access, and to verify security
procedures, survivability and operational security. Monitoring includes active
attacks by authorized personnel and their entities to test or verify the
security of the system. During monitoring, information may be examined,
recorded, copied and used for authorized purposes. All information including
personal information, placed on or sent over this system may be monitored. Uses
of this system, authorized or unauthorized, constitutes consent to monitoring
of this system. Unauthorized use may subject you to criminal prosecution.
Evidence of any such unauthorized use collected during monitoring may be used
for administrative, criminal or other adverse action. Use of this system
constitutes consent to monitoring for these purposes.
ldapuser25@controller-1's password:
Permission denied, please try again.
ldapuser25@controller-1's password:
Creating directory '/home/ldapuser25'.
Last login: Mon May  9 19:10:09 2022 from abcd:204::2
/etc/motd.d/00-header:WARNING: Unauthorized access to this system is forbidden and will be
prosecuted by law. By accessing this system, you agree that your
actions may be monitored if unauthorized usage is suspected.

Expected Behavior
-----------------
First-time login as the LDAP user prompts the user to change the password.

Actual Behavior
----------------
First-time login as the LDAP user does not prompt the user to change the password.

Also notice there are errors when creating the LDAP user.

Reproducibility
---------------
Reproducible

System Configuration
--------------------
Any

Branch/Pull Time/Commit
-----------------------
STX latest

Last Pass
---------
Unknown

Timestamp/Logs
--------------
See "Steps to Reproduce".

Test Activity
-------------
Developer Testing

Workaround
----------
N/A

Andy (andy.wrs)
Changed in starlingx:
assignee: nobody → Andy (andy.wrs)
OpenStack Infra (hudson-openstack) wrote : Fix proposed to stx-puppet (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/stx-puppet/+/841630

Changed in starlingx:
status: New → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix merged to stx-puppet (master)

Reviewed: https://review.opendev.org/c/starlingx/stx-puppet/+/841630
Committed: https://opendev.org/starlingx/stx-puppet/commit/ec2d02c55dbed9d536835ac3471b7529b7ad02c0
Submitter: "Zuul (22348)"
Branch: master

commit ec2d02c55dbed9d536835ac3471b7529b7ad02c0
Author: Andy Ning <email address hidden>
Date: Thu May 12 11:34:34 2022 -0400

    Correct ldapscripts template path in ldapscripts.conf

    ldapscripts templates have been relocated to /etc/ldapscripts,
    but the path to these templates still points to
    /usr/local/etc/ldapscripts. This causes some attributes not to be
    set up properly for newly created LDAP users. A symptom is
    that when the newly created LDAP user tries to log in, there is
    no prompt asking the user to change its password.

    Test Plan for Debian and CentOS:
    PASS: system installation, bootstrap and unlock
    PASS: new ldap user login by ssh, observe it is prompted to change
          password.
    PASS: new ldap user login by console, observe it is prompted to
          change password.
    PASS: su to new ldap user from sysadmin, observe it is prompted to
          change password.

    Closes-Bug: 1973073
    Signed-off-by: Andy Ning <email address hidden>
    Change-Id: I5328dc4d068785caeff6402542cd4a9bd70aea1f

Changed in starlingx:
status: In Progress → Fix Released
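The root cause above is a configuration path that no longer matches where the template files live. The following is an added example, not StarlingX or ldapscripts code, of a small check a deployment could run to catch that mismatch: it reads the template variables from an ldapscripts.conf (UTEMPLATE, GTEMPLATE and MTEMPLATE, which ldapscripts uses for its user, group and machine templates) and reports any that point at a file that does not exist. The config files and paths below are constructed under a temporary directory and are not real system paths.

```shell
#!/bin/sh
# Added example: verify that every template path configured in an
# ldapscripts.conf exists on disk. A stale path (here, the old
# /usr/local/etc/ldapscripts prefix) is exactly what this bug was about.

# check_templates CONF -> prints each missing template; returns 1 if any is missing
check_templates() {
    conf="$1"
    rc=0
    for var in UTEMPLATE GTEMPLATE MTEMPLATE; do
        # take the last uncommented assignment of the variable, quotes stripped
        path=$(sed -n "s/^[[:space:]]*$var=[\"']\{0,1\}\([^\"']*\)[\"']\{0,1\}.*/\1/p" "$conf" | tail -n 1)
        [ -n "$path" ] || continue   # not set: ldapscripts falls back to its built-in default
        if [ ! -f "$path" ]; then
            echo "$var points to a missing template: $path"
            rc=1
        fi
    done
    return $rc
}

# demo -> builds a constructed broken and corrected config in a temp dir,
# returns 0 only if the broken one is flagged and the corrected one passes
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/etc/ldapscripts"
    : > "$tmp/etc/ldapscripts/ldapadduser.template"   # relocated template
    # Broken config: still uses the pre-relocation prefix (constructed sample).
    printf 'UTEMPLATE="%s/usr/local/etc/ldapscripts/ldapadduser.template"\n' "$tmp" > "$tmp/bad.conf"
    # Corrected config pointing at the relocated template.
    printf 'UTEMPLATE="%s/etc/ldapscripts/ldapadduser.template"\n' "$tmp" > "$tmp/good.conf"
    if check_templates "$tmp/bad.conf"; then rm -rf "$tmp"; return 1; fi   # must be flagged
    check_templates "$tmp/good.conf" || { rm -rf "$tmp"; return 1; }       # must pass
    rm -rf "$tmp"
    return 0
}
```

On a real host, run `check_templates /etc/ldapscripts/ldapscripts.conf` after package upgrades; a non-zero exit means ldapusersetup would create users without the attributes the template sets.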
Ghada Khalil (gkhalil)
Changed in starlingx:
importance: Undecided → Medium
tags: added: stx.7.0 stx.security