Reset Password Audit Report
The Reset Password Audit Report provides you with the list of users who have used ADSelfService Plus to reset their passwords over a specific period of time. The information presented includes the username, timestamp, number of reset attempts, type of password reset (if done by the user or if it's a scheduled automatic password reset), and status (if the password reset was successful or not). This report enables administrators to monitor password reset activities, track successful password resets, and identify any failed attempts that may require troubleshooting or user assistance.
How it works
When a user initiates a self-service password reset or when an automatic scheduled password reset occurs (if configured by administrators), the system captures key details including the username, timestamp, IP address, machine name, number of attempts, reset type, and the success or failure status of the operation. This audit data is then aggregated and presented in the report, allowing administrators to filter and analyze password reset activities over specified time periods for security monitoring, troubleshooting, and compliance purposes.
Limitation
The report only captures password reset activities performed through ADSelfService Plus (self-service resets by users and automatic scheduled resets). Password resets made directly through AD or other methods will not appear in this report.
Prerequisite
You must have administrator or technician-level access to the ADSelfService Plus portal to generate and view reports.
Generating the Reset Password Audit Report
To generate the Reset Password Audit Report:
- Log into the ADSelfService Plus portal with admin or operator privileges.
- Navigate to Reports > Password Self-Service Reports > Reset Password Audit Report.
- Specify the domain using the Select Domain option. Use the Select OUs option to specify OUs if necessary.
- The Period drop-down menu can be used to specify the time period for which to generate the reports. Options include: Today, Yesterday, Last 7 days, Last 30 days, This month, and Custom Period.
- Click Generate to generate the report.
Customizing the Reset Password Audit Report
- Adding or removing columns: To add or remove columns, click on the Add/Remove Columns [
] option at the far right of the report. In the Select the columns to be displayed pop-up that appears, select the required fields under Available Columns and click on the right arrow ( >> ) to move it to the Selected Columns. To remove columns, select the unused fields under Selected Columns and click on the left arrow ( << ) to move it to Available Columns.
- Ordering the columns: The columns' positions can also be altered by selecting a value under Selected Columns and using the Up and Down options to change its position.
Advanced Filtering
Once the report is generated, the entries can be narrowed down based on the following parameters by clicking the Advanced Filter [ 
] icon at the far-right side of the report page.
- User Name: This option lets you narrow-down the password reset attempts by username. The conditions available to refine this include Contains, Does Not Contain, Equals, Is Not Equal To, Starts With, and Ends With.
- Attempted from: This option lets you display results by the name of the machine the password reset was attempted from. The conditions available to refine this include Contains, Does Not Contain, Equals, Is Not Equal To, Starts With, and Ends With.
- IP Address: This option lets you display results by IP address. The conditions available to refine this include Contains, Does Not Contain, Equals, Is Not Equal To, Starts With, and Ends With.
- Type of password reset:
- Self Password Reset: Choosing this option will display the self-service password resets done by users using ADSelfService Plus's Reset Password feature.
- Automatic Password Reset: Choosing this option will display the automatic password resets that occurred due to administrators enabling the Automatically reset domain user’s passwords when they expire option ( Configuration > Policy Configuration > Advanced > Automation ), which runs a scheduler that automatically resets passwords upon expiration.
- Status of the password reset: Whether the reset attempt was a Success or Failure.
Sorting
Click on any of the column headers to view the report's entries in ascending or descending order.
Searching
- Click on the search icon [
] in order to search for specific data in the report.
- Specific users can be searched for using attributes such as their sAMAccountName, or Display Name.
- Searching happens using the criteria ' contains '. For example, if the username column is searched for the word " jack " , then all usernames containing the sequence " jack " will be displayed as a result.
Automating the Reset Password Audit Report generation
The Schedule Reports option can be used to schedule the generation of reports at specified intervals, and automatically email them to administrators or specific email addresses. Learn to schedule reports here.
Exporting the Reset Password Audit Report
The Export As option at the right corner of the page helps export the report in CSV, PDF, XLS, XLSX, HTML and CSVDE formats.
Tips
- The More option at the right corner of the page lists the Printable View, Send Mail, and Export Settings options.
- The Printable View option can be used to preview and print the report.
- The Send Mail option can be used to mail the report to the desired email addresses.
- Additionally, you can configure custom Export Settings, such as a personalized title for the report and a header logo that you may wish to display on each page.
- Generate reports for different time periods (Last 7 days, Last 30 days) to identify trends such as peak reset times, frequent reset users, or unusual activity patterns that may warrant process improvements or additional user training.
- Leverage report filters to investigate suspicious password reset attempts from unfamiliar locations or devices, enabling faster response to potential account compromise scenarios.