Search the audit log in the Office 365 Security & Compliance Center - Audited Activities | User administration activities

Created by Akshit Kapoor, Modified on Sat, 24 Mar, 2018 at 12:42 PM by Alen Varghese

The following table lists user administration activities that are logged when an admin adds or changes a user account by using the Office 365 admin center or the Azure management portal.


Activity
Operation
Description
Added user
Add user
An Office 365 user account was created.
Changed user license
Change user license
The license assigned to a user what changed. To see what licenses were changes, see the corresponding Updated user activity.
Changed user password
Change user password
Administrator changed the password the password for a user.
Deleted user
Delete user
An Office 365 user account was deleted.
Reset user password
Reset user password
Administrator reset the password for a user.
Set property that forces user to change password
Set force change user password
Administrator set the property that forces a user to change their password the next time the user sign in to Office 365.
Set license properties
Set license properties
Administrator modifies the properties of a licensed assigned to a user.
Updated user
Update user
Administrator changes one or more properties of a user account. For a list of the user properties that can be updated, see the "Update user attributes" section in Azure Active Directory Audit Report Events.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article