There is more than one way to configure auditing in Group Policy, but I think the primary old way (on Windows Server 2003) is to open GPMC, edit the Default Domain Policy (or whatever domain policies are active in the OU and objects you're working with), and drill down from the Policies node through Windows Settings to Security Settings, in order to open the Local Policies Audit Policy branch. There's an "Audit account management" section that you can define.
The above only lets you audit the account changes, but you have to make it actionable by relating it back to success criteria, such as a user's password had recently expired. By leveraging OSSIM (or another strong correlation engine), you could combine ADSI scripts which check every audit account management message to see if it was a password change, and to see if the password recently expired. Then, the hashes could be matched, etc. Even OpenVAS could be kicked off to try and bruteforce the password -- although it would probably be better to perform this task with more data.
This becomes an exercise in customization for client, server, and other infrastructure hardening/monitoring. You would want to move the maturity of your entire infrastructure to a higher level -- so I assume you've already done much of the work prescribed by The Center for Internet Security (CIS) and/or NIST.
If you are more greenfield and haven't implemented customized solutions like this in the past, it would certainly be better to jump to a future-proof solution such as OpenIDM from ForgeRock. This would be a multi-million dollar, six year project or so.
If you're in a large-installation brownfield operation, such as Fortune 500 -- it would be best to identify your existing IAM, IDM, Directory, ESB, and other backoffice components in order to properly analyze where to fit identity lifecycle management issues such as user-password resets. It may be that an existing solution provider, such as SAP, Oracle, TIBCO, or Microsoft has an easy answer.
If you're solely a Microsoft shop (100 percent), then you probably want to discuss their ILM 2007 product, FIM 2010, and related solutions. Microsoft has a nasty way of canceling these product lines, or changing them drastically -- so it's good to be hip to the "inside track" and discuss directly with the ILM/FIM and other product managers (PMs) instead of just an account manager (AM) or their websites and trade information.
There are other, more point solutions such as Quest software's ChangeAuditor for AD, but I would be wary of this only solving a short-term problem, when clearly a business process and huge set of business/infrastructure maturity problems may exist.