Is there a way to see if a user changed their password? Logs on the managed server?
I went through the scenario to change my password in my lab environment and then ran an audit report throught the CLI of the Desktop Cient. The report does not explicitly state that a password was changed. However, it does make indication that an update was made to the user account:
20180905 12:05:05.916 ad1251cb-bb6a-4a68-9eb1-c3e624ceaac8 req STEVE admin update user ID:STEVE Name:STEVE Groups:[SCHEDGRPUTY, EVERYONE] Permissions:ADMIN.*,[ALTER,true];
20180905 12:05:05.931 ad1251cb-bb6a-4a68-9eb1-c3e624ceaac8 resp STEVE admin update user ID:STEVE Name:STEVE Removed groups: Added groups: Removed permissions:Added permissions:
Notice that in the above system messages, there are no updates to permissions or groups. So we can assume by these messages that the change that is being referenced here was password related in this particular instance.