Kaseya Community

How do I create a report to find the last password reset date on Windows PCs

  • Hi, Some of our PCs are not in domain. Users are adviced to changed their local password but we do not know they have changed or not. I want to run a report to find it out. If I go to the command prompt and run "net user %username%" it shows Password last set date. But I could not find that in Kaseya reporting. Is there a way to get those info back to kaseya and run a report ? Many thanks in advance for your help.

  • Create a script to run that command in a command prompt sending the results to a variable.  Then write the variable to a custom field you create for it in Kaseya for that machine.  Then you can create a custom report using that field.

  • Hi Tom, Thanks for the quick reponse. I did that, but it does not write the results to my custom filed.

    The results has a lot of details. How do I filter it to a single custom field. I found a command and tried but still no luck, Any idea. Thanks.

    Here is the command I used ---   for /f "tokens=2 delims=: "%a in ('find "Passwordlastset" #PassSetDate#\sysinfo.txt"') do @echo %a

  • after find change "Passwordlastset" to "Password last set" - use the spaces and see if that works, and if not ...

    Try the command line to narrow it down then see if your filter (with the change above) works ... net user "username" | find /i "Password last set"

  • Rodrigt, I assume you have a one-to-one workstation to users and the computers are not shared.

    You can run this command AS the user, using exectutecommand send to variable:

    net user %username% | for /f "tokens=4,5 delims= " %a in ('find /i "Password Last Set"') do @echo %a %b

    %username% will pick up the current logged-in account.

    Then use another step to pickup the results of the command and update a custom field:


    Then you can run a report based on the custom field.

    Also, you could do Write Log step, such as: Write Log: LOG: #global:cmdresults# and then the report can pull the data.

    You may want to do something like: #vAgentConfiguration.currentUser# - #global:cmdresults# to show the user account whose password you've collected.