This website uses cookies to ensure you get the best experience on our website. Learn more
New in Specops Password Policy 7.12: Schedule Password Auditor Reports, Improvements to Periodic Scanning Reports & more
This week, we’ve released the latest version of our Active Directory password management solution, Specops Password Policy 7.12.
This release includes improvements to the reporting within the Specops Password Policy admin tools as well as several new PowerShell cmdlets that you can use to access information or results about the latest or previous periodic scan.
Also new in this release is a cmdlet that can be used to manually run or schedule a run of Specops Password Auditor.
Let’s take a look.
Previous scan results & more reporting enhancements
Specops Password Policy 7.12 includes improvements to the available reporting in the Admin tools.
We’ve added two new settings to the Periodic Scanning screen in this release, available when you click the Edit button under Settings. These improvements can help with troubleshooting but also with pulling data on how your compromised password protection has improved since running your first scan or give an audit trail.
The first is the option to save a list of accounts with compromised passwords, configurable as yes/no. The default is no. The second is the number of reports you can save.
Configuring this setting as “yes” will save a list of accounts with compromised passwords every time the periodic scan runs. The list of accounts with be saved in a protected folder on the domain controller where periodic scanning runs.
The “number of reports to save” functions as a rolling count of the latest reports saved. If you reach your limit of reports that will save, the periodic scan will simply delete the oldest saved report from the list and add the latest.
Once configured, Periodic Scanning will start saving reports beginning with the next manual or scheduled scan.
After selecting a saved report date, if you have enabled the setting to save a list of accounts with breached passwords, you will be able to click “Show accounts” to see which accounts have a breached password according to the Express, Complete or either list.
From there, an administrator can copy the list of accounts to paste into another doc, email or workflow, if needed.
Cmdlets for Periodic Scanning
For those that prefer PowerShell, this release also includes a few new cmdlets to pull reporting results at the command line.
Get-SppPeriodicScanningResultList will return the list of reports saved:
Get-SppPeriodicScanningResult returns the overview data for the latest scan:
The same cmdlet can also be used to access an earlier report by referencing the results list which is provided as a PowerShell array.
Get-SppPeriodicScanningResultUsers will return the result for each user found to have a compromised password from the latest scan.
Read more about these cmdlets in the documentation.
Schedule Specops Password Auditor scans
With this release, Specops Password Policy customers can now make use of a cmdlet and a scheduled task to run scheduled scans for Specops Password Auditor.
New-SpaReport will generate a Specops Password Auditor PDF report which will be saved in a location specified by the admin when running the cmdlet.
Note: The Specops Password Auditor Breached Password report is still available via a manual run of Specops Password Auditor but will not appear in the scheduled scan report result. Compromised password statistics for Specops Password Policy and Breached Password Protection customers are best accessed via the Periodic Scanning page.
Weekly/monthly/quarterly scans with Specops Password Auditor are made possible with this cmdlet and a scheduled task.
And if you want those reports emailed to you, check out this Knowledge Base article that includes a sample script for emailing this report to administrators, along with the latest results of Periodic scanning, that you can adapt to for your use.
More improvements and fixes
More improvements and fixes can be found in the release notes.
If you are an existing Specops Password Policy customer, you can find upgrade instructions here. If you have questions about upgrading, please contact support.
See how Specops Password Policy can help
If you’re interested in seeing a demo of the latest Specops Password Policy or have questions about how you can block over 4 billion compromised passwords with Breached Password Protection, contact us.
(Last updated on February 5, 2024)