Am I just missing it? Is there an option anywhere to force regular GW password changes...?

Little background: we've had GW since the mid-90s, always used the GW database for password. We never kept up with users changing passwords, and I'd not be surprised if I could log into 1/3 (or more) of the accounts using our default password. This was never really a problem until now, but we're recently experiencing numerous cases of 'bots (I assume) logging into our system using WebAcc and sending out prodigious amounts of spam (tens of thousands). Gotta stop that. Problem is, I can't find a way to FORCE people to change their passwords on a regular basis (or even to force them to change it from the default, like what happens when they login first time to eDirectory).

We have a policy in place, enforced, requiring people to change their eDirectory passwords every 60 days. And, we have a very good flat LDAP authentication tree (synched with ID Manager). So your next response is "easy peasy, just use LDAP authentication!" And you'd be right, except...there was this 3-4 year run in the late-90s/early-aughts where, for whatever reason, the organization decided to create users in eDirectory using a unique org/employee number, and at the same time give them a different GroupWise email address descriptive of their name. So, there's a large group of users (thousands) that do not have a coincidental email address and edir user ID. As I understand it, that won't work with LDAP authentication.


So I'm back to the idea that MAYBE something in GW will give me the power to FORCE users to change their passwords regularly, just like in eDir, but I ain't seein' it. I'd much prefer to use LDAP authentication and refer back to the eDir policy (and keep the passwords "the same") but short of renaming all those users (including the info in the databases of all the other clinical apps they have access to) I'm kinda stuck.

Thoughts, ideas, empathy appreciated... - Greg