SBS 2003 No Password Expiration Message, Can't change password.

Hello;

I have one SC800 & SBS 2003, NOT sp1, approximately 3 months old.  Clients are eight Win 2000 Pro SP4, two XP SP2 and some occational Outlook Web Access and POP3.

 

Passwords have expired twice and neither time did anyone see a password expiration notification.  When passwords do expire, some, not all, users can't change their passwords at the workstation.

Passwords appears to fail if "Change password and next logon" is checked in User Account.

 

I have been working with Microsoft Community for ten days now and all that's come out is:

1) MS KB 297121 applied and does show the Change Password button on Options in OWA.

2) Change Default Domain Policy - Windows - ... - Security Options - "Prompt user to change password before expiration" to 14 days when it was previously "Not Defined".

 

Are there any other Policy lists other than the Default one found under Advanced Management/Group Policy Management/Forest: /Domains/ /Default Domain Policy?  For instance, Default Domain Policy/Computer Configuration/Windows Settings/Security Settings/Account Policies - Password Policy/Maximum password age says 42 days, but Standard Management/Users/Configure Password Policies says Maximum password age is 40 days.

 

What can I do to test whether or not the "Prompt user before" policy is functioning?