quote:

...management is requiring all remote users to change their password who are now set to never expire...
Now you see why their passwords were set to never expire in the first place, I imagine. Yeah, you're stuck until you upgrade the client or your network (to AD).

I'd suggest to management that you hold off on the policy until the new client is approved. If they ask why point them to the 520 or so posts about this issue on Google and Microsoft's unwillingness to fix the issue with a patch or other workaround.

http://groups.google.com/groups?q=vpn+cached+password&ie=UTF-8&oe=UTF-8&hl=en&btnG=Google+Search