You should use a searcher object like this if you need to find all user accounts in your Active Directory with non-expiring passwords:
function Get-NonExpiringPasswords {
$filter = '(&(objectCategory=person)(objectClass=user)(userAccountControl:`
1.2.840.113556.1.4.803:=65536))'
$filter = '(&(objectCategory=person)(objectClass=user)(userAccountControl:`
1.2.840.113556.1.4.803:=65536))'
$root = New-Object System.DirectoryServices.DirectoryEntry("LDAP://RootDSE")
$searcher = New-Object System.DirectoryServices.DirectorySearcher $filter
$SearchRoot = $root.defaultNamingContext
$searcher.SearchRoot = "LDAP://$SearchRoot"
$searcher.SearchScope = 'SubTree'
$searcher.SizeLimit = 0
$searcher.PageSize = 1000
$searcher.FindAll() | Foreach-Object { $_.GetDirectoryEntry() }
}
