On-premises and especially remote, accounts are gateways for accessing critical information. Password management makes this possible. Active Directory accounts for any impactful changes across user accounts. Monitoring and logging changes can help admins detect fishy activity. Password change histories can prevent leaks and minimize downtime. When changing a password, it’s essential that the user’s previous password is known beforehand. Using Active Directory Users and Computers (ADUC) ADUC is a supplemental tool that allows administrators to interact with Active Directory components.
Source: https://thehackernews.com/2021/02/how-to-audit-password-changes-in-active.html