This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi all. I'm new to PowerShell coding and require assistance if anyone can help me?
I work with a domain that has 5 domain controllers. 4 are local, 1 is remote and there is about a 20 minute replication delay between the locals and remote. This cannot be changed by me.
We build a lot of thin clients in a scripted sequence involving multiple reboots taking around 10 minutes. The final part of this sequence adds the client computer object into AD groups and moves it to a different OU.
The problem is this sequence doesn't always complete because the computer object was initially created on the remote AD server, while the latter update is being attempted on a local server whilst replication is yet to occur (or vice versa!)
As mentioned, I cannot adjust or change the replication times so I need to change the final sequence so that is searches all ad servers for the computer object and picks any servers that report the object exists rather than simply quit when it doesn't exist.
I found this great reply by Andreas Baumgarten which I thought was the answer: https://learn.microsoft.com/en-us/answers/questions/1153640
..and implemented it, but realised it wasn't working like I thought when it too fell over after replication hadn't happened.
Can someone please explain what code I need to fix the script so it searches all available AD controllers, and picks any of them that contains the computer object to continue with the changes so I no longer get this issue where slow replication trips up the sequence? The object will always exist on at least one server, it's just making sure it's used over the others that don't yet contain the object.
So goals summarised for the script
Code below
Get-ADDomainController | ForEach-Object {
try {
$compObj = Get-AdComputer -Identity $env:computername -Server $\_.Name -ErrorAction SilentlyContinue
if ($compObj) {
Set-ADComputer $env:computername -Description "T655 (Build Version 1.3)" -Server $\_
Add-ADGroupMember -Identity PatchMgr\_ThinClient\_Excluded -Members $env:computername$ -Server $\_
Get-ADComputer $env:computername | Move-ADObject -TargetPath ''
}
}
catch {
Write-Host "($\_)" -ForegroundColor Red
Pause
}
}
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.
Hi,
You may want to try something like this.
$client = "client0"
$group = "group0"
$dcs = Get-ADDomainController -Filter *
foreach($dc in $dcs) {
try{
$comobj=Get-ADComputer -Server $dc -Identity $client
}
catch{
continue
}
Add-ADGroupMember -Identity $group -Members $comobj -Server $dc
break
}
You sir are a genius. Thank you, I marvel at how easy you made that look 🙂