password not syncing when changing password from 802.1x wireless network prompt

Hi.

My setup is: Mojave 10.14.3 with FileVault, mobile account, bound to AD. 802.1x wireless auth (but local session with cached password). After that, deploying NoMAD + NoLo. NoLo is configured to write the keychain password for NoMAD so that it automatically signs in. FDE passthrough enabled.

Steps to reproduce:

  1. Expire the user password in AD (using objUser.pwdLastSet = 0).
  2. Reboot the Mac, enter the FV password, and get into the session. Before NoMAD has time to launch (LaunchAgent configured), the 802.1x wireless network asks to change the AD password.
  3. Change the password. NoMAD couldn't auto-sign in anyway because the password in the keychain is expired, so you manually sign in to NoMAD.
  4. If you lock the session (cmd+Q), it will ask for the new password. If you try to lock/unlock the keychain, it will ask for the old password. If you log out, the NoLo loginwindow asks for the old password. If you reboot, FV has the old password BUT it asks you to update the keychain password (and it will take the NEW password to update it with the old one we typed in FDE).

Am I doing something wrong?

Thanks