The following table lists user administration activities that are logged when an admin adds or changes a user account by using the Office 365 admin center or the Azure management portal.
| Activity |
Operation |
Description |
| Added user |
Add user |
An Office 365 user account was created. |
| Changed user license |
Change user license |
The license assigned to a user what changed. To see what licenses were changes, see the corresponding Updated user activity. |
| Changed user password |
Change user password |
Administrator changed the password the password for a user. |
| Deleted user |
Delete user |
An Office 365 user account was deleted. |
| Reset user password |
Reset user password |
Administrator reset the password for a user. |
| Set property that forces user to change password |
Set force change user password |
Administrator set the property that forces a user to change their password the next time the user sign in to Office 365. |
| Set license properties |
Set license properties |
Administrator modifies the properties of a licensed assigned to a user. |
| Updated user |
Update user |
Administrator changes one or more properties of a user account. For a list of the user properties that can be updated, see the "Update user attributes" section in Azure Active Directory Audit Report Events. |
