If you remember this option from Windows NT, or you found the User must log on to change password topic in the Group Policy help file (Gp.chm):

"Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy

Description: Determines whether users have to log on before they can change their password.

By default, this setting is disabled in the Default Domain Group Policy object (GPO)
 and in the local security policy of workstations and servers.

If this policy is enabled, then users have to log on before changing their password.
Thus, if a user's password expires, the user will not be able to change the expired password,
but must instead have an administrator reset the password."
This option has been removed from Windows 2000 and the documentation is in error.