Overview #MsDS-UserPasswordExpiryTimeComputed Virtual Attribute Attribute indicates the time when the password of the entry will expire. 
MsDS-UserPasswordExpiryTimeComputed performs the AD Determining Password Expiration calculations.
In Microsoft Active Directory Virtual Attribute cannot be returned as value data in an LDAP search request unless the search scope is set to "base" which means that the LDAP client accesses only one single entry.
If USER is the Entry on which the attribute msDS-UserPasswordExpiryTimeComputed is read.
If USER is not in a domain NC, then USER:msDS-UserPasswordExpiryTimeComputed = null.
If DC is the root of the domain NC containing USER. The DC applies the following rules, in the order specified below, to determine the value of USER:msDS-UserPasswordExpiryTimeComputed: If any of the following are set bits is set on USER entry:User-Account-Control Attribute:
If pwdLastSet = null or pwdLastSet = 0, #then USER:msDS-UserPasswordExpiryTimeComputed = 0.
if Effective-MaximumPasswordAge = 0x8000000000000000 #then USER:msDS-UserPasswordExpiryTimeComputed = 0x7FFFFFFFFFFFFFFF (where Effective-MaximumPasswordAge is defined in MS-SAMR section 220.127.116.11).
- msDS-UserPasswordExpiryTimeComputed = USER:pwdLastSet + Effective-MaximumPasswordAge (where Effective-MaximumPasswordAge is defined in MS-SAMR section 18.104.22.168).