When a user logs into an RDP session for a Windows server or workstation and the account used is a local account (not a domain account) and the password has expired the user will not be able to logon and will not be prompted to update their password.
The debug logs may present an error similar to this:
CSSP Packet contains NTSTATUS error code; error_code='C000006D'
CSSP Packet; version='6', tokens='0'
CSSP errorCode; value='0xC000006D'
Failed to mangle CredSSP packet;
Error parsing incoming data;
The Windows workstation/server Security logs in Event Viewer may present an error similar to this:
The user will receive a popup similar to below that states 'This computer can't connect to the remote computer.':
RDP does not allow the logging in of local accounts if the password has expired independent of SPS, so it is not possible to have this functionality using SPS.
If a local account with an expired password is used independent of SPS an error stating 'This user account's password has expired. The password must change in order to logon.':
The Security logs in the Event Viewer of the Windows workstation/server may present an error similar to this: