Info:
This is another script, similar to the one I posted for seeing when a password was last changed. This one checks which users have their accounts set so that the password never expires. That can be a BIG security risk in organizations, which is why it's important to know this stuff.

I have written 2 scripts that work very well. Take your pick!

Both write a log file to the directory you run the script from.

Script1

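# Audit report: enabled user accounts whose password is set to never expire,
# checked across several AD domains. Results are appended to
# PasswordNeverExpires1.txt in the current working directory.
#
# NOTE(review): the report names accounts with non-expiring passwords; store it
# somewhere access-restricted and remove stale copies before re-running, since
# every run appends to the same file.

#Add the import and snapin in order to perform AD functions
# Snap-in load errors are suppressed; only Get-ADUser from the ActiveDirectory
# module is used below.
Add-PSSnapin Quest.ActiveRoles.ADManagement -ea SilentlyContinue
Add-PSSnapin Microsoft.Exchange* -ea SilentlyContinue


Import-Module ActiveDirectory


#Clear Screen
cls


#List the domains we want to cycle through
[array]$TotalDomains="domain1.local","domain2.org","domain3.com"

$ReportFile = "PasswordNeverExpires1.txt"


#This loop checks every domain listed in the array above.
foreach ($Domain in $TotalDomains)
{
    # NOTE(review): the filter skips accounts named admin-* and all disabled
    # accounts. If admin-* marks privileged accounts, audit them separately -
    # confirm that this exclusion is intended.
    try
    {
        # -ErrorAction Stop turns a failed lookup into a catchable error, so an
        # unreachable domain is never mistaken for "no matching users".
        $users = Get-ADUser -Filter {Enabled -eq $True -and SamAccountName -notlike "admin-*" -and PasswordNeverExpires -eq $True} -Server $Domain -Properties SamAccountName, GivenName, Surname -ErrorAction Stop
    }
    catch
    {
        # Record the failure in the console and in the report: a silent gap in an
        # audit report reads as a clean result.
        Write-Warning "Query against $Domain failed: $($_.Exception.Message)"
        Write-Output "Domain: $Domain`r`nQUERY FAILED: $($_.Exception.Message)`r`n" | Out-File $ReportFile -Append
        continue
    }

    # $null on the left: with a collection on the left, -ne filters the
    # collection instead of testing it for null.
    if ($null -ne $users)
    {
        foreach ($user in $users)
        {
            $UsersName = ("{0} {1}" -f $user.GivenName, $user.Surname).Trim()

            # Accounts with no first/last name (commonly service accounts) would
            # otherwise show up as a blank "User:" line.
            if ([string]::IsNullOrEmpty($UsersName))
            {
                $UsersName = $user.SamAccountName
            }

            Write-Output "Domain: $Domain`r`nUser: $($UsersName)`r`n" | Out-File $ReportFile -Append
        }
    }
    # No matching users in this domain: nothing is written.
}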




Script2

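# Audit report: user accounts whose password is set to never expire, checked
# across several AD domains with Search-ADAccount. Results are appended to
# PasswordNeverExpires2.txt in the current working directory.
#
# NOTE(review): the report names accounts with non-expiring passwords; store it
# somewhere access-restricted and remove stale copies before re-running, since
# every run appends to the same file.

#Add the import and snapin in order to perform AD functions
# Snap-in load errors are suppressed; only Search-ADAccount from the
# ActiveDirectory module is used below.
Add-PSSnapin Quest.ActiveRoles.ADManagement -ea SilentlyContinue
Add-PSSnapin Microsoft.Exchange* -ea SilentlyContinue


Import-Module ActiveDirectory


#Clear Screen
cls


#List the domains we want to cycle through
[array]$TotalDomains="domain1.local","domain2.org","domain3.com"

$ReportFile = "PasswordNeverExpires2.txt"


#This loop checks every domain listed in the array above.
foreach ($Domain in $TotalDomains)
{
    Write-Output "Domain: $Domain`r`n" | Out-File $ReportFile -Append

    try
    {
        # Collect first, so a failed query writes a clear failure line instead of
        # leaving a bare domain header that looks like an empty (clean) result.
        $accounts = @(Search-ADAccount -Server $Domain -UsersOnly -PasswordNeverExpires -ErrorAction Stop)
    }
    catch
    {
        Write-Warning "Query against $Domain failed: $($_.Exception.Message)"
        Write-Output "QUERY FAILED: $($_.Exception.Message)`r`n" | Out-File $ReportFile -Append
        continue
    }

    if ($accounts.Count -eq 0)
    {
        Write-Output "No matching accounts found.`r`n" | Out-File $ReportFile -Append
    }
    else
    {
        # This search is not restricted to enabled accounts, so the Enabled column
        # is included to tell active accounts from disabled ones.
        # -AutoSize and -Width keep long names from being truncated in the file.
        $accounts | Format-Table Name,ObjectClass,Enabled -AutoSize | Out-File $ReportFile -Append -Width 200
    }
}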