Detect when active directory user attribute change was replicated to all DC's


  • hello,
    i have a script that automatically synchronize users from HR database on active directory.

    there are situation when i need to make multiple modification to a user - for example: change different user attributes (like title / department ..etc and then apply new email policy.

    if the mail policy is applied before all domain controllers have replicated the new attributes for the user - then the wrong policy is applied.

    At this moment i'm querying all DC's - one by one and i make sure that the new attribute was replicated - but there's a lot of code and is hard to maintain.

    is there any easy way to detect when an active directory user attribute change was replicated to all DC's in domain ?

    i have read about USN - but from what i manage to understand is not possible to use this as it is an attribute that is not replicated (it does not have the same value on all DC's).

    ps: why do a need to make sure the the user is replicated on all DC's ? It is because i can't know for sure on witch DC will the exchange server use when is making the change. I have try to add "-Computername" to the Set-Mailbox cmdlet but it doesn't change anything - i still end up on a DC on which the new attribute value was not replicated.


    • Moved by jrv Wednesday, June 13, 2018 9:53 PM correct forum
    Wednesday, June 13, 2018 9:49 PM


  • Hi,

    You could just specify the domain controller you want to run the command against using -DomainController

    Set-Mailbox -DomainController

    • Marked as answer by octavmarius Thursday, June 14, 2018 4:04 PM
    Thursday, June 14, 2018 11:42 AM

All replies