Have you tried manually putting "0" in the shadow entry so it doesnt try to re-write it ?
eg:
testuser:EuFd69zZXGkp2:14977:0:0::::
(Or maybe even "-1")
It might be because the field is empty, it will then apply the defaults.
If you want it to persist through password changes then script it and put it in roots crontab with all users that you want to not be required to change their passwords. Something like this. As far as i know there is no other way to do it, but i may be wrong.