Solved

AD password history report

Posted on 2013-01-10
5
381 Views
Last Modified: 2013-04-02
Is there a way to create a report on AD to see how many times a password has been reset? I want to find out the times, date, and user that reset it the password. I have windows 2008 servers for AD.
0
Comment
Question by:tuzzo
5 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38764803
There is the pwdlast attribute   http://msdn.microsoft.com/en-us/library/windows/desktop/ms679430(v=vs.85).aspx

...but that is not a historical trail.  The security event logs would be where that info is stored but this could be a tough task depending on what tools you have and how you archive your old logs.

Thanks

Mike
0
 

Author Comment

by:tuzzo
ID: 38764944
Do you know of any software that you could recommend to run a report from the logs? or any other software?
0
 
LVL 18

Expert Comment

by:Sushil Sonawane
ID: 38765123
This might be help you out.

ADManager Plus

For download refer below you out.

http://www.manageengine.com/products/ad-manager/index.html
0
 
LVL 4

Accepted Solution

by:
palicos earned 500 total points
ID: 38774229
For Naative Active Directory you can try these steps as bit error was there but like wise bit closed

1. Find the name of your Windows AD server or its alias that your organization uses.
2. Open Crystal Reports
3. Select New Report
4. When prompted for a datasource, go to "Create New Connection" -> "OLE DB (ADO)" (click "Make New Connection" if it doesn't prompt you)
5. From the list, scroll down till you see "OLE DB Provider for Microsoft Directory Service", highlight it, and click "next"
6. In the textboxes, enter the following
Data Source: <the name of your AD sever>
User ID: your user ID WITH the domain. For example ‘yourdomain\youraccount’
Password: your user password.
Integrated security left unchecked
7. Click finish.
NOTE: if you mess up anything from steps 4-7 and the connection is created, you will need to exit out of Crystal reports and then start over again. Making a new connection will not overwrite the bad connection and there is no way to edit it once it’s open.
8. Under "Active Directory Service Interfaces" click "Add Command"
9. Enter in the following SQL statement, replacing the stuff in the <> (you may need your AD administrators to give you the correct LDAP path):
SELECT samaccountname, sn, givenname, mail
FROM 'LDAP://OU=<yourOU>,DC=<yourdomain1>,DC=<yourdomain2>'
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ACTIVE DIRECTORY, EXCHANGE 3 58
Modify Permissions in Windows Folders. 15 35
Replication problems 6 23
AD - Domain Admins Group - Track changes 4 19
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question