Use-case 35: How To Identify Users That Do Not Comply Password Policies In Your Active Directory

Use-case 35: How To Identify Users That Do Not Comply Password Policies In Your Active Directory




One of the main conceptions of a highly secure environment, with a lots of GPOs interlinked and enforced, is the mental-make up of having a strong password policy. On the contrary, there is a wide-open possibility of a "password policy slip". These users can go unnoticed, unmanned for password change and undeniably open doors for threat. 

Some of the advantages of changing passwords, at regular intervals are, 

1. Compromised employees who have been using your password cannot snoop in and remain, over an extended period.

2. Reduces the risk of password cracking, especially if the password phishing time is greater than the interval of password reset. 

3. Encourages security for data and resources, within employees. Also, promotes the need for more. 

ADManager Plus provides exhaustive reports on passwords and once such report is   Password Unchanged Users. Through this report, you can identify accounts and probe why passwords have not been changed(if all accounts are from the same OU - a policy linked with that OU) and enforce password change

Step 1: Kindly go to AD Reports --> Password Reports --> Password Unchanged Users.







Step 2: Kindly choose the Domain and Time Period. Click on Generate.

You can choose the users and then click on Change Password at Next Logon






#TheAD+Experience

Shane Clinton
ManageEngine ADSolutions Team
Direct
: +1 408-916-9891

Toll Free
: +1888-720-9500          
How To | Forum | File Permission Management
   
ADManager Plus | ADAudit Plus | ADSelfService Plus | Exchange Reporter Plus | Recovery Manager Plus | AD360
              New to ADManager Plus?

                New to ADSelfService Plus?