Hello all,
I'm trying to create a password change form for my company's vendors. There are a couple of scenarios I could encounter doing this:

1 - User enters invalid current password
2 - New passwords do not match
3 - User's account is locked
4 - User cannot authenticate because password is expired

It's case 4 that I'm struggling with, because their is no way for me to take the password the user entered and verify it against active directory without getting an error. Any thoughts?

How does the user get access to the form to change a password if the current password has expired? Wouldn't it be impossible for the user to log on to get access to the form?

That's my whole point, we currently have VPN software that when a user with an expired password logs in, verifies their password, then immediately forces a password change, if the password is incorrect they are not allowed in.

I was hoping that some exception would be thrown that would say PasswordChangeRequired.

That would seem to be a problem with the VPN software I would think. I donb't have any VPN experience. Our network group handled that. I just did some AD.

It's not a problem at all, I'm trying to mimic the behavior in VB

Are we talking about a password for the VPN, a password for the Domain or a password for the application?