diff --git a/base-files-config/debian/deb_folder/base-files-config.install b/base-files-config/debian/deb_folder/base-files-config.install
index a6c86b5..6efaa5a 100644
--- a/base-files-config/debian/deb_folder/base-files-config.install
+++ b/base-files-config/debian/deb_folder/base-files-config.install
@@ -1,5 +1,6 @@
-custom.sh /etc/profile.d/
-motd /usr/share/starlingx/base-files
-profile /usr/share/starlingx/base-files
-prompt.sh /etc/profile.d/
-vimrc.local /etc/vim/
+custom.sh /etc/profile.d/
+motd /usr/share/starlingx/base-files
+password-expiration-check.sh /etc/profile.d/
+profile /usr/share/starlingx/base-files
+prompt.sh /etc/profile.d/
+vimrc.local /etc/vim/
diff --git a/base-files-config/source/password-expiration-check.sh b/base-files-config/source/password-expiration-check.sh
new file mode 100644
index 0000000..953f41d
--- /dev/null
+++ b/base-files-config/source/password-expiration-check.sh
@@ -0,0 +1,59 @@
+#
+# Copyright (c) 2023 Wind River Systems, Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+# Checks for password expiration for LDAP users, showing warning
+# messages for passwords about to expire and prompting users to change
+# their password when the password is already expired.
+#
+
+USER=$(whoami)
+BASE='ou=people,dc=cgcs,dc=local'
+SECONDS_IN_A_DAY=86400
+LDAP_USER_OUTPUT=$(ldapsearch -x -b "$BASE" "(cn=${USER})")
+
+# Check if the current user is an LDAP user
+IS_LDAP_USER=$(echo "$LDAP_USER_OUTPUT" | grep -c "objectClass: account")
+if [[ $IS_LDAP_USER -gt 0 ]]; then
+ # Get the number of days before password expiration that a warning msg is displayed
+ PWD_WARNING_DAYS=$(echo "$LDAP_USER_OUTPUT" | grep shadowWarning | awk '{print $2}')
+ # Get the maximum number of days a password can be used before it expires
+ PWD_MAX_DAYS=$(echo "$LDAP_USER_OUTPUT" | grep shadowMax | awk '{print $2}')
+
+ # Get the date the password was last changed
+ PWD_LAST_CHANGE_DATE=$(ldapsearch -x -b "$BASE" "(cn=${USER})" + \
+ | grep pwdChangedTime | awk '{print $2}')
+
+ # Convert from ASN.1 generalizedTime to ISO 8601 format for easier manipulation
+ PWD_LAST_CHANGE_DATE=$(echo "$PWD_LAST_CHANGE_DATE" \
+ | sed -r 's/([0-9]{4})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})(Z)/\1-\2-\3T\4:\5:\6\7/g')
+
+ # Convert the password change date to epoch time
+ PWD_LAST_CHANGE_DATE_EPOCH=$(date -d "$PWD_LAST_CHANGE_DATE" +%s)
+
+ # Calculate the number of days between the current date and the password change date
+ TODAY_EPOCH_IN_DAYS=$(( $(date +%s) / $SECONDS_IN_A_DAY ))
+ PWD_LAST_CHANGE_DATE_EPOCH_IN_DAYS=$(($PWD_LAST_CHANGE_DATE_EPOCH / $SECONDS_IN_A_DAY ))
+ DAYS_DIFFERENCE=`expr $TODAY_EPOCH_IN_DAYS - $PWD_LAST_CHANGE_DATE_EPOCH_IN_DAYS`
+
+ # Calculate the number of days remaining until the password expires
+ DAYS_REMAINING=`expr $PWD_MAX_DAYS - $DAYS_DIFFERENCE`
+
+ # Display a warning message if the password has already expired and prompts for
password change
+ if [ "$DAYS_REMAINING" -lt 0 ]; then
+ echo "WARNING: Your password has expired."
+ echo "You must change your password now and login again!"
+ sleep 1
+ echo "Changing password for ${USER}."
+ passwd
+ exit 0
+ # Display a warning message if the password will expire soon
+ elif [ "$DAYS_REMAINING" -lt ${PWD_WARNING_DAYS} ]; then
+ DAY_NOUN="days"
+ if [ "$DAYS_REMAINING" -lt 2 ]; then
+ DAY_NOUN="day"
+ fi
+ echo "Warning: The password for ${USER} will expire in ${DAYS_REMAINING} ${DAY_NOUN}."
+ fi
+fi
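Review bot: An entry without `shadowMax` or `shadowWarning` leaves `PWD_MAX_DAYS` and `PWD_WARNING_DAYS` empty, so the backtick `expr` on the `DAYS_REMAINING=` line and the `elif [ "$DAYS_REMAINING" -lt ${PWD_WARNING_DAYS} ]` test print syntax errors at every login instead of skipping quietly; validate both before the arithmetic, e.g. `[[ "$PWD_MAX_DAYS" =~ ^[0-9]+$ && "$PWD_WARNING_DAYS" =~ ^[0-9]+$ ]] || return 0` after the `PWD_MAX_DAYS=` line (`return` rather than `exit`, since files under /etc/profile.d are sourced into the login shell). For the same reason every variable defined here persists in the user's session, and `USER=$(whoami)` overwrites the standard `USER` environment variable — a distinct name such as `LDAP_CHECK_USER` plus an `unset` of the temporaries at the end avoids that. Both `ldapsearch` calls run without a time limit, so an unreachable directory stalls each interactive login until the network timeout; a bound such as `-o nettimeout=5 -l 5` keeps login responsive. This check is advisory only (a session that does not source profile.d never runs it), so expiration still needs to be enforced by the directory's password policy or PAM, which the header comment could state.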