Link regular account with admin account

lalajee 1,811 Reputation points
2023-01-03T12:18:57.393+00:00

Hi,
Is it possible to send any activity of admin account to regular account email

E.g. When admin account password is reset I would like to email user to let user know password is reset

our admin accounts dont have email setup
Regular account are exchange online mailbox with E3 Lic

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,697 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,930 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,661 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. James Hamil 22,086 Reputation points Microsoft Employee
    2023-01-04T00:29:36.287+00:00

    Hi @lalajee , if I understand your question correctly you wish to alert a user when an admin changes their password. For Exchange Online you can follow this guide to view Admin Audit Logs.

    • In the EAC, go to Compliance management > Auditing, and then choose Run the admin audit log report.
    • In the Search for changes to administrator role groups page that opens, choose a Start date and End date (the default range is the past two weeks), and then choose Search. All configuration changes made during the specified time period are displayed, and can be sorted, using the following information:
    • Date: The date and time that the configuration change was made. The date and time are stored in Coordinated Universal Time (UTC) format.
    • Cmdlet: The name of the cmdlet that was used to make the configuration change.
    • User: The name of the user account of the user who made the configuration change.
    • Up to 5000 entries will be displayed on multiple pages. Specify a smaller date range if you need to narrow your results. If you select an individual search result, the following additional information is displayed in the details pane:
    • Object modified: The object that was modified by the cmdlet.
    • Parameters (Parameter:Value): The cmdlet parameters that were used, and any value specified with the parameter.

    If you want to print a specific audit log entry, choose the Print button in the details pane.

    You can then use the Search-UnifiedAuditLog cmdlet to retrieve the logged events, and send an email using a script. An example guide for creating a script can be found here. Please let me know if you have any questions and I can help you further.

    If this answer helped you please mark it as "Verified" so other users can reference it.

    Thank you,
    James

    0 comments