Audit Reports

The Audit Reports section provides comprehensive information for easy auditing, including details on self-service operations carried out by end-users, applications access, blocked users, and user provisioning status.

This section has the following reports:

1. Reset Password Audit Report
2. Unlock Account Audit Report
3. Self-Update Audit Report
4. Change Password Audit Report
5. Notification Delivery Audit Report
6. Identity Verification Failures Audit Report
7. User Attempts Audit Report
8. Blocked Users Report
9. Application Access Audit Report
10. JIT Provisioning Audit Report

Reset Password Audit Report:

This report provides details of the users who used the self-service password reset feature over a specific period of time. Click here for report generation steps.

Unlock Account Audit Report:

This report provides details of the users who used the self-service account unlock feature over a given time period. The report also includes information like the user name, time of account unlock, domain name, total number of attempts, and type of account unlock (self-service or automatic). Click here for report generation steps.

Self-Update Audit Report

This report provides details of the users who performed directory self-update over a period of time. The details provided by the report include the user name, time of self-update, domain name, and total number of attempts. Click here for report generation steps.

Change Password Audit Report:

This report provides details of the users who changed their user account password over a certain period of time. That includes the username, time of account unlock, domain name, total number of attempts, and type of password change (due to User must change password at next logon being enabled in AD, or a normal password change). Click here for report generation steps.

Notification Delivery Audit Report:

Provides information on the delivery status of the notifications sent by ADSelfService Plus. Information provided in the reports include the date, time, name, and type (mail, SMS, or push notification) of notification. Click here for report generation steps.

Identity Verification Failures Audit Report:

This report generates the list of users who have failed at MFA. The information provided by this report includes the time of failure, the domain name, the total number of attempts, and the type of identity verification (MFA) attempted. These information help administrators handle security risks like brute force and dictionary attacks. Click here for report generation steps.

User Attempts Audit Report:

Generates the list of users who have attempted authentication methods like MFA, SAML and NTLM authentication, smart card login, and authentication into the self-service portal. Information displayed in the report includes the time of the attempt, domain name, total number of attempts, and the type of attempt. Click here for report generation steps.

Blocked Users Report:

This report generates the list of users who have been blocked from accessing ADSelfService Plus. The report provides information like the time of blocking, the time the user will be unblocked, and the domain name. Click here for report generation steps.

Application Access Audit Report:

This report provides details of the users who have accessed applications using the SAML and OAuth/OIDC protocols. This information includes the username, the time at which the application was accessed, the hostname, the policy to which the user belongs, the application that was accessed, the protocol used, the flow that was initiated, the number of attempts, and the status. Click here for report generation steps.

JIT Provisioning Audit Report:

This report lists user accounts created in the target applications via just-in-time provisioning. This information includes the username, the time of the attempt, hostname, the policy to which the user belongs, the name of the target application, the number of attempts, and the status. Click here for report generation steps.