Hi all,
Trying to put together a quick audit script to output all users who have no password expiry. I'm also looking to filter this by only users who are enabled and users who's accounts have not expired.
Here is what I was attempting:
####script start
Import-Module ActiveDirectory
#Searches AD for accounts with passwords set to never expire
# Filter to not include disabled accounts or expired accounts
$passwordneverexpires = Search-ADAccount -PasswordNeverExpires | Select-Object Name,ObjectClass, UserPrincipalName | Sort-Object Objectclass
$passwordneverexpires | ForEach-Object {Get-ADUser -filter * | where {($_.enabled -eq $True)}} | Export-csv c:\xxxx\audit\xxxx-passwordneverexpires-7june2014.csv
####end script
However, when I run the above it outputs all enabled users from my domain. Any help is appreciated as always!