I currently have users that access our Exchange servers via Cisco VPN client to my VPN 3030. Authentication is NT domain, and works great for most of us. The problem is my NT admin setup 250 more users, and set password expiration on next login. I was testing and found that the temporary login worked, I authenticated, and then I was re-challenged for another password. I know this to be the "your password have expired, please choose a new one" script. Problem is I cannot change the password via VPN client at all. So what do you do if your users will NEVER login physically into your LAN? Our Security Policy mandates a 30-day expiration.....
Suggestions??