so with everyone working at home, not connected to the domain, passwords are beginning to expire. I can change their 0365 password but the password on their laptops will remain the same until either they connect to our VPN or come onsite and connect to the domain. Since we’ve moved to O365 not very many are set up for VPN. I could remote to their computers and install VPN or ask them to go onsite just long enough to update their domain password. I could reset the password policy but that wouldn’t update the cached GPO on their laptops. I wish we had the option of user password reset from the cloud but we don’t since we are syncing on Prem AD to Azure lite.