Temporary AD passwords

Hi.

In a DAP protecting Microsoft Office 365 with a federated domain, does DUO support temporary AD passwords?

For example, if an admin changes a user’s AD password, are they then able to check the box reading “User must change password at next logon” so that the user will be able to choose themselves a new password when logging in to Office 365?

The underlying AD is already syncing passwords to/from Office365.

This is working fine when the user logs in via the Cisco Anyconnect VPN client but wondering if this can work logging into Office 365 as well

Thanks for reading
Steven