With the release of macOS Sonoma 14.x (I think it was 14.1) a new alert notification was introduced which indicated the user that a new/updated payload of a password restriction was received by the Mac.
After the policy is received the local account password is no longer accepted and the user has to change it in System Settings or, as mentioned in the notification, log out and log in again.
This is in my opinion a great improvement for the user experience. The challenge in my experience here is, that with the macOS default behavior for notifications is the alert type ' Banner'. Banners appear in the upper-right corner and go away automatically. The user might not see the notification and is confused that the local account password does not work anymore in the current session.
But luckily with the help of Apple Care Enterprise engineers (hat tip) I have now the App Bundle Identifier to create a notification settings profile. In the example below you find a profile for com.apple.ManagedClient.PasscodeUserNotification2 which changes the Alert Type to ‘Alerts’. Alerts stay on screen until dismissed.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>NotificationSettings</key>
<array>
<dict>
<key>AlertType</key>
<integer>2</integer>
<key>BadgesEnabled</key>
<true/>
<key>BundleIdentifier</key>
<string>com.apple.ManagedClient.PasscodeUserNotification2</string>
<key>CriticalAlertEnabled</key>
<true/>
<key>GroupingType</key>
<integer>0</integer>
<key>NotificationsEnabled</key>
<true/>
<key>PreviewType</key>
<integer>1</integer>
<key>ShowInCarPlay</key>
<true/>
<key>ShowInLockScreen</key>
<true/>
<key>ShowInNotificationCenter</key>
<true/>
<key>SoundsEnabled</key>
<true/>
</dict>
</array>
<key>PayloadDisplayName</key>
<string>Notifications</string>
<key>PayloadIdentifier</key>
<string>com.apple.notificationsettings.99163D44-2ADB-4669-AAC2-84F41DF4377E</string>
<key>PayloadType</key>
<string>com.apple.notificationsettings</string>
<key>PayloadUUID</key>
<string>99163D44-2ADB-4669-AAC2-84F41DF4377E</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</array>
<key>PayloadDescription</key>
<string>Notification settings for com.apple.ManagedClient.PasscodeUserNotification2</string>
<key>PayloadDisplayName</key>
<string>Notification Settings </string>
<key>PayloadIdentifier</key>
<string>applefreakz.3797D291-714A-466F-A248-B5D3EF325FA2</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>3797D291-714A-466F-A248-B5D3EF325FA2</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
Hope some of you find this tidbit helpful for your environment.
