Is there a report to see who has change their AD password via Okta? Skip to main content
https://support.okta.com/help/answers?id=9060z000000789oqaa&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Joe DaceyJoe Dacey 

Is there a report to see who has change their AD password via Okta?

Management would like to quantify how many people use the password reset tool via Okta.
Daniel CapriceruDaniel Capriceru (Okta, Inc.)
Hi Joseph,

Thank you for posting your inquiry to Okta Support Community Portal. 


Currently, there's no out of the box report to check who changed their AD password via Okta, but you can accomplish this via the System log by using this search filter "eventType eq "user.account.update_password" " and then downloading the CSV file.

Also, you could try using the Active Directory Audit logs for password changes against the Okta Service Account.


 If you would like to see such functionality in Okta, the best route to pursue this is via a feature request. The best way to file feature requests would be from the Community Idea site.

https://support.okta.com/help/oktaideas



Best regards,
Daniel
Joe DaceyJoe Dacey
I would disagree with "eventType eq "user.account.update_password" " as there are basically no results.  I found that if you use this: eventType eq "system.agent.ad.reset_user_password" and outcome.result eq "SUCCESS" you get what appear to be good results.  Note that I am finding duplicate entries at times, but this should suffice.