I'm trying to create a password change form for my company's vendors. There are a couple of scenarios I could encounter doing this:
1 - User enters invalid current password
2 - New passwords do not match
3 - User's account is locked
4 - User cannot authenticate because password is expired
It's case 4 that I'm struggling with, because their is no way for me to take the password the user entered and verify it against active directory without getting an error. Any thoughts?