There are 2 Account Status.
1. SiteMinder Account Status
2. AD Account Status
SiteMinder is saying AuthReject based on the SiteMinder Account Status which is based on SiteMinder Password Policy.
On the other hand, AD may say the account is fine and can logon to RDP or desktop.
You can check if "Enhanced AD Integration" option is enabled in the Global Settings.
Another thing that might be possible is that your AD account in question might have "Password do not expire" flag set.