From an another closed post I was given the following query to use in powershell
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties Name, msDS-UserPasswordExpiryTimeComputed
Looking more closely at the output I realize that it's spiting out every user in the AD as having an password that's expired/expiring. What I was looking for was a powershell method to list all users who will have passwords expiring in the next 10 days based on the fine group password policy. Tools I'm using now are reporting the wrong users as they are only looking at the dc group policy
Will.