In the Administrator interface, click Reports in the main menu.
Click Run Risk Analysis in the secondary menu.
In the New drop-down menu, select a report to create.
A Risk Analysis Report Settings page opens.
Complete the form.
You can limit the report to scan selected resources and, depending on the resource type, you can scan for accounts that meet these criteria:
Accounts that are disabled, expired, inactive, or locked
Accounts that have never been used
Accounts that do not have a fullname or password
Accounts that do not require a password
Accounts with passwords that have expired or have not changed for a specified number of days