For a solution, there are 2 practical ones.
One solution is to train all users to use the strong password generator in the password manager to generate a new password and let anyone with access to the password entry update the website and require them to also update the password manager entry when they update the password to keep them in sync.
The other, and possibly better, is instead of training everyone how to use the password generator and update the entry (or keep doing password resets until the website and password manager are in sync), is to train them to exit the password reset process and call a security/identity admin trained to go to the website in question, generate a new password, update the website’s password, and sync it with the password manager. Then the user can resume their use of the website like normal using the password manager.
It is a question of training everyone or one/a few in making sure the password is strong (follows your policy for that) and that any MFA (Multi-Factor Authentication) processes from the website get followed. For example, if the website sends an email with a password reset link in it, or a one-time code sent to a mobile number, someone will need to have access to the email account or the mobile phone to respond to your employee trying to reset the website’s password.
To me, this makes the latter, centralized process of “contact the password manager administrator to change a website’s password” the better option, since training users is simpler, and it works with websites that have MFA controls on password changes, which many do. You’ll need to be disciplined about centralizing the contact email (and mobile phone/SMS receiver) for these accounts to be your security/identity team (e.g. the password manager administrators). Unfortunately that also makes that person/team the point of contact for all of the other emails (“marketing”) the website sends out, or critical business emails (statements, invoices) and you have to be able to review and route those to the right persons within your organization.
When you share accounts/passwords, to that website, everyone in your organization is the same person from the website’s viewpoint.
Identity management for third-party credentials at scale just has no easy, low-cost (money or process) universal solutions. The next step up is to go with a federated identity service to translate between your users and the external website’s users.