Password policies allow options to trigger expiration activity long into the future. For example: You can disable the user if the password wasn't changed in 60 days or you can disable the user in 90 days. How will you test this? Will you have to wait 60 or 90 days?
There are two basic ways to test this:
1. For testing purposes change your policy to expire in 1 day - this way you can test it the next day. If working then you should 'believe' that it will work similarly after a longer number of days.
2. Change your machine clock to the day before or day of expiration to make it 'as if' the time period (60 days, 90 days, etc.. ) has past. This will or should 'trick' the system to think it's expired so that you can test.