Display (enabled) members of an AD group (recursively):
Get-ADGroupMember "GROUP_NAME" -Recursive | Get-ADUser | Where-Object Enabled -EQ True | Sort -Property Name | Select Name,sAMAccountName |
Display accounts with password set to never expire:
Get-ADUser -Filter 'PasswordNeverExpires -eq $true' | Sort -Property Name | Select Name,sAMAccountName |
Use “Where-Object” to narrow down the list, if necessary.
You’ll need the Active Directory PowerShell module that ships with Remote Server Administration Tools (RSAT) and a Windows 2008 or newer Domain Controller with AD Web Services