Could someone help me with the following: I need a PowerShell script that searches a specific Organization Unit with a lot of users and sets: Password must change @ next logon if the password expires within 1 day.

I already have the following script:

$maxPwdAge=(Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge.Days
$1day=(get-date).AddDays(1-$maxPwdAge).ToShortDateString()

Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False -and PasswordLastSet -gt 0} –Properties * | where {($_.PasswordLastSet).ToShortDateString() -eq $1day} | select *

You should instead compare DateTime objects directly, you plain don't need ToShortDateString() conversion to compare dates in Powershell. Also last select * is superfluous and only spoils the return type of an object.

$1day=(get-date).AddDays(1-$maxPwdAge)
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False -and PasswordLastSet -gt 0} –Properties * |
where {$_.PasswordLastSet -ge $1day}

Should do.