Template Create Fails if keystone.conf [security_compliance] settings are set

OpenStack Version: zed
Operating System: Ubuntu 22.04

If the keystone.conf is configured with:

change_password_upon_first_use = true

then trustee users created during template creation will fail keystone authentication.

The trustee users should be created with --ignore-change-password-upon-first-use and --ignore-password-expiry properties set.

I attempted to create a separate keystone.magnum.conf to disable these settings, but these do not appear to be a setting that can be overridden in keystone.

As these settings are required by our security policy for interactive users, I cannot disable these settings for all users.

This is the stack result I got in magnum-conductor.log:
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall [None req-3cdad515-8779-4c31-9b51-efd25c53b9f8 - - - - - -] Fixed interval looping call 'magnum.service.periodic.ClusterUpdateJob.update_status' failed: magnum.common.exception.AuthorizationFailure: unexpected keystone client error occurred: The password is expired and needs to be changed for user: 0c142e003ded48cfbe8003194cf4977f. (HTTP 401) (Request-ID: req-7c554e5c-5655-461e-877d-0623065c5964)
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall Traceback (most recent call last):
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/magnum/common/exception.py", line 57, in wrapped
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall return func(*args, **kw)
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/magnum/common/clients.py", line 110, in heat
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall endpoint = self.url_for(service_type='orchestration',
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/magnum/common/clients.py", line 48, in url_for
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall return self.keystone().session.get_endpoint(**kwargs)
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/keystoneauth1/session.py", line 1243, in get_endpoint
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall return auth.get_endpoint(self, **kwargs)
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/keystoneauth1/identity/base.py", line 375, in get_endpoint
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall endpoint_data = self.get_endpoint_data(
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/keystoneauth1/identity/base.py", line 271, in get_endpoint_data
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall service_catalog = self.get_access(session).service_catalog
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/keystoneauth1/identity/base.py", line 134, in get_access
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall self.auth_ref = self.get_auth_ref(session)
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/keystoneauth1/identity/v3/base.py", line 187, in get_auth_ref
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall resp = session.post(token_url, json=body, headers=headers,
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/keystoneauth1/session.py", line 1149, in post
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall return self.request(url, 'POST', **kwargs)
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall File "/usr/lib/python3/dist-packages/keystoneauth1/session.py", line 986, in request
2023-10-09 15:58:37.143 4040607 ERROR oslo.service.loopingcall raise exceptions.from_response(resp, method, url)
2