#Enabled Account
(Get-ADUser -filter {(enabled -eq $true)} | measure).Count
#Disabled Account
(Get-ADUser -filter {(enabled -eq $false)} | measure).Count
#Enabled, Password Not Required
(Get-ADObject -LDAPFilter "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=32))" -Properties useraccountcontrol | Where-Object { $_.DistinguishedName -notlike "*OU=Disabled Users*"} | measure).Count
#Enabled, Password Doesn't Expire
(Get-ADUser -Filter {(enabled -eq $true) -and (PasswordNeverExpires -eq $true)} | measure).Count
#Enabled, Password Doesn't Expire & Not Required
$EnabledNeverExpires = Get-ADUser -Filter {(enabled -eq $true) -and (PasswordNeverExpires -eq $true)} | Select DistinguishedName
$PasswordNoRequired = Get-ADObject -LDAPFilter "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=32))" -Properties useraccountcontrol | Where-Object { $_.DistinguishedName -notlike "*OU=Disabled Users*"} | Select DistinguishedName
(Compare-Object -ReferenceObject $EnabledNeverExpires -DifferenceObject $PasswordNoRequired -IncludeEqual -ExcludeDifferent | measure).Count
#Enabled, Smartcard Required (0)
(Get-ADUser -filter {(enabled -eq $false)} -Properties SmartcardLogonRequired | Where-Object { $_.SmartcardLogonRequired -eq $true }| measure).Count
#Enabled, Smartcard Required, Password Not Required (0)
#Enabled, Smartcard Required, Password Doesn't Expire (0)
#Enabled, Smartcard Required, Password Doesn't Expire & Not Required (0)