Can I ask for some advice, as to where in the code would be the logical place to add code to ask a user to change his password? Presumably do_pam_account is the *wrong* place. Guess I should build a do_pam_password function, but who should be calling it?