I can't keep up with all the releases.. but...
In SM16 or SM17 ... does the "Password Change" get logged somewhere, along with the originating IP address. We have two-factor notification / follow-up built for most of our other processes ..
What we are doing with SM 15.x at the moment is:
Execute Line command program..
Line command program basically just records that it happen, domain, userid.. and time
..then we have another program read the Admin logs.. to find the IP address to match up
to the times and users.... So obviously this isn't fool proof.
Then we text (via twilio .. ) to our users..if they have their cell phone.. that their password
was changed from xxx.xxx.xxx.xxx
Am sure there are more elegant ways to do this... but that is what we are doing for SM 15.x
So again.. has the logging and even t tracking changed for SM16.x and/or SM17.X ?