OTA password resets are recorded in the Policy log and you'll see an entry as below. Note that the user ID is erroneous. It isn't the ID of the user having their p/w reset and it isn't the ID of the Administrator doing the reset. The user ID in the policy log will be different as there is a different User-ID table for the policy service. RIM publish a script you can run against the database that will allegedly return the required information. Search for KB19251.
>>>>example from Policy log
[40000] (03/18 17:12:22.381):{0x25F4} {<emailaddress>, PIN=XXXXXXXX, UserId=973}SCS::ScheduleCommand - Queuing SET_PASSWORD_REQUEST request
[40000] (03/18 17:12:22.381):{0x25C8} {<emailaddress>, PIN=XXXXXXXX, UserId=973}RequestHandler::DoWork - Processing SET_PASSWORD_REQUEST request
[30000] (03/18 17:12:22.396):{0x25C8} {<emailaddress>, PIN=XXXXXXXX, UserId=973}RequestHandler::FormatGMETransactionFor Device - Sending SET_PASSWORD_REQUEST request to device, contentType=ITADMIN, size=52, RefId=0, TransactionId=-9223372035585907877, SRPID=XXXXXXXX, Tag=36558
[40000] (03/18 17:12:22.396):{0x25C8} {<emailaddress>, PIN=XXXXXXXX, UserId=973}RequestHandler::SendData - Submit ToRelaySendQ, PIN=XXXXXXXX, Tag=36558
[40000] (03/18 17:12:22.396):{0x25C0} [BIPP] Send data, Tag=36558
[40000] (03/18 17:12:22.396):{0x25C8} {<emailaddress>, PIN=XXXXXXXX, UserId=973}RequestHandler::DoWork - Completed SET_PASSWORD_REQUEST request
|