Cannot Change Password Report
This job generates a report on passwords that cannot be changed. Typically,
a user is required to change their password at specified intervals (e.g., once
a month, every quarter, etc). However, certain accounts may be exempt from the
policy. For example, an administrator has granted access to a specific domain
account to more than one user, but does not want any one individual to be able
to change the password and restrict access to the account.
Fine-Grained Password Policy Report
Beginning with Windows Server 2008, administrators can apply password policies
to particular sets of users rather than setting one policy for the entire domain.
This report produces a list of fine-grained password policy objects for Windows
Server 2008 environments only.
Non-Expiring Password Report
Although administrators may allow certain accounts to have passwords that never
expire, there are risks associated with this practice. This job generates a
report of these non-expiring password accounts for administrators, allowing
them to validate the need for such accounts, and determine possible risk factors.
Recently Modified Password Notification
This report alerts the user of the date a password was last changed or reset.
Password Expiration Notification
The Password Expiration Notification alerts users (at intervals determined by IT) when their password is expiring. This job is particularly valuable for organizations that do not use a password reset program. Administrators can receive reports that include both passwords that have already expired as well as those expiring in the future.
Must Change Password Notification
This job reports on users who must change their password the next time they log on. Users whose passwords are expiring can be notified via email and administrators receive a report listing all accounts that fit the criteria.