The script generates a report containing users who performed self-password reset during the specified time period.
Parameters:
- $eventDateColumnID - Specifies the identifier of the custom column that will contain the date and time when the self-password reset was performed. The column should be of Date/Time type. To get the identifier of a custom column:
- In the Report-specific columns section, on the Columns tab, right-click the custom column.
- In the context menu, navigate to Copy and click Column ID.
- The column identifier will be copied to clipboard.
- $isSuccessfullColumnID - Specifies the identifier of the custom column that will contain a value (true/false) indicating whether the self-password reset was successful. The column should be of Boolean type.
- $policyNameColumnID - Specifies the identifier of the custom column that will contain the name of the Self-service policy the user is enrolled for. The column should be of Text type.
- $hoursParameterName - Specifies the name of the parameter used to select the number of hours to check for self-password resets. The parameter name should be specified with the param- prefix.
PowerShell
$eventDateColumnID = "{e9920b5a-9167-444c-937a-efdf461f2a14}" # TODO: modify me
$isSuccessfullColumnID = "{adc31b12-0e51-4732-84dc-473f9358af44}" # TODO: modify me
$policyNameColumnID = "{d59b77d2-6106-420d-befa-d3b2cbf7da65}" # TODO: modify me
$hoursParameterName = "param-hours" # TODO: modify me
# Get parameter value
$hours = $Context.GetParameterValue($hoursParameterName)
# Bind to the 'Password Self-Service statistics' container
$passwordSelfServiceStatisticsPath = $Context.GetWellKnownContainerPath("PasswordSelfServiceStatistics")
$passwordSelfServiceStatistics = $Context.BindToObject($passwordSelfServiceStatisticsPath)
# Generate the 'Password Resets' report
$passwordSelfServiceStatistics.ResetReportCache("ADM_PSSREPORTTYPE_RESETPWD")
$reportIsBeingGenerated = $True
# Get the 'Password Resets' report
do
{
try
{
$report = $passwordSelfServiceStatistics.GetReport("ADM_PSSREPORTTYPE_RESETPWD")
$reportIsBeingGenerated = $False
}
catch [System.Runtime.InteropServices.COMException]
{
if ($_.Exception.ErrorCode -eq "-2147024875")
{
# Report is being generated. Wait 10 seconds
Start-Sleep -Seconds 10
}
else
{
$reportIsBeingGenerated = $False
$Context.LogMessage($_.Exception.Message, "Error")
return
}
}
}
while ($reportIsBeingGenerated)
# Add the date when the report was generated
$reportHeader = $reportHeader -f $report.GenerateDate
# Add report records
$records = $report.Records
$threshold = (Get-date).AddHours(- $hours).ToUniversalTime()
for ($i = 0; $i -lt $records.Count; $i++)
{
$record = $records.GetRecord($i)
# Get user information
$userPath = $NULL
$userDisplayName = $NULL
$userParentCanonicalName = $NULL
$userAccountIsEnabled = $NULL
$userIsEnrolled = $NULL
$userAccountIsExpired = $NULL
$userInfo = $record.GetUserInfo([ref]$userPath, [ref]$userDisplayName, [ref]$userParentCanonicalName,
[ref]$userAccountIsEnabled, [ref]$userIsEnrolled, [ref]$userAccountIsExpired)
$eventDate = $record.EventDate
if ($eventDate -lt $threshold)
{
continue
}
# Get policy information
$policyPath = $NULL
$policyName = $NULL
$policyInfo = $record.GetEnrollmentPolicyInfo([ref]$policyPath, [ref]$policyName)
# Add the information to the report
$user = $Context.BindToObject($userPath)
$columnValues = @{
$isSuccessfullColumnID = $record.IsSuccessfull
$policyNameColumnID = $policyName
$eventDateColumnID = $eventDate
}
$Context.Items.Add($user, $columnValues, $NULL)
}