cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Move and Rename Computer Object Despite Slow DC Syncronization

ssstier
Copper Contributor

‎Dec 02 2020 09:08 AM - edited ‎Dec 02 2020 09:09 AM

‎Dec 02 2020 09:08 AM - edited ‎Dec 02 2020 09:09 AM

Move and Rename Computer Object Despite Slow DC Syncronization

 

 

At my workplace, I configure properties of computer objects in my domain using PowerShell. Specifically, I change the name of a computer, then move it to its respective organizational unit. Seems simple enough, right? Unfortunately, my Powershell script only works intermittently due to domain controllers not syncing fast enough? Allow me to explain exactly what happens by showing commands. Note that each command works fine when run separately.

 

$computername = 'oldname'

$newcomputername = 'newname'

$path = 'someworkingpath'

 

Rename-Computer -ComputerName $computername -NewName $newcomputername -DomainCredential $credential -Restart

 

Get-ADComputer -ComputerName $newcomputername | Move-ADObject -TargetPath $Path

 

After Rename-Computer is executed, the name is changed, but changes are slow to synchronize across the 10 other domain controllers in my domain. Then once Get-ADComputer is executed, the newcomputername cannot be located. Changing the Get-ADComputer command to get the $oldcomputername causes strange behavior. Given that I do not have access to change domain controller settings myself, is there anything I can do to make these commands run one after the other despite having domain controllers that are slow to sync?

 

1,615 Views
0 Likes
1 Reply
Reply
1 Reply
NZScottie

‎Dec 12 2020 12:33 PM

‎Dec 12 2020 12:33 PM

Re: Move and Rename Computer Object Despite Slow DC Syncronization

@ssstier I have come across similar behaviour in a few of my scripts in multi domain controller environments with delayed replication timings around sites.

 

I found that I have to explicitly name the domain controller to which I am making the calls. This way I control the domain controller my powershell calls are being made against and know that when making subsequent queries the domain controller has the 'most up-to-date version' of the object (before full replication has taken place).

 

In your example, I would try getting the DC that the computer being renamed is communicating with and pass that through to the -server parameter in the Get-ADComputer command and see if that helps reduce the amount of strange behaviour you experience.

 

Hope this makes sense and helps set you in the right direction for having a more stable script.

0 Likes
Reply