I'll have to dig around to see if LEM users can change their passwords, but might I suggest an alternative?
If you configure the LEM Appliance with a Directory Services Query Tool Connector, you can create users based on your AD structure. That means that people log into the LEM with their AD credentials. They can change their AD password in Windows, and the LEM will pick up that change. The connector looks like this:
Then when you build users, instead of picking LEM User, you'd add Directory Services Users:
To login, you'd need to enter your FQDN\user, since the LEM isn't on the domain.
Maybe that alternative will work for you!
That sounds perfect, curtisi. I'll give it a try.
Glad I could help! If this answers the question, I'd appreciate the points from you marking it so (I need more SW swag!)
using AD integration is the preferred way. Users have the luxury of using just one set of credentials and you know that the password policy is enforced too (password lockout, password complexity, password age), so it is a good option over local accounts. The users would need to change their passwords from their Windows session, not LEM.
If you have not implemented this yet, may I suggest you configure directory service groups vs individual accounts? This allows you easier management of who logs in to LEM and what privileges they gain.