When you add user you will have no flags assigned to that user.
But if you add password or change password for this user as root that user will get flag "admchg". This flag will force user on his first login to change that password. If you want to delete that flag you can do it with pwdadm -c user_name (as root).
For root you can use flag "nocheck". Flag "admchg" is not added even you change root password and flag "admin" is implemented automatically.
I think is not working that way.
I added flag = to /usr/lib/security/mkuser.default and as well to
/etc/security/user and is not working. This "flag=" is added to the /etc/security/passwd after password is created for user.