Our information security policy requires us to configure all account passwords—including service account passwords—to expire every 90 days, which forces us to regularly change them. Is there an easy way to get a report of user account password expiration dates?

Download DumpSec at http://www.systemtools.com/ somarsoft/index.html, and run the Users as Table report with UserName and PasswordExpiresTime as output fields. DumpSec reports on only one domain controller (DC) or server at a time, but you can run it from a batch file that executes it for each server or DC whose information you need.