i have an exchange 2007 with 2 domains controllers , i have ps1 scripts that open new users, mostly its working but from time to time , the script isnt working because im on a diffrent domain , and than i need to edit the script and change the domain example : "$dc = domaincontroller1" "Using DC - $DC to create the mailbox" and in order to fix it i need to change the script to "$dc = domaincontroller2" how can i make the script to retrieve which dc it works on , and automaticly insert/modify the correct dc in to the script . Thanks, Johnny

if both DC are in the same domain (1 forest - 1 domain), you dont need to change DC, however you may have some latency with AD replication, just add a Start-Sleep to delay operations. If there are multiple domains in the same forest, you can use the $AdminSessionADSettings.ViewEntireForest = $true to change the script scope to the entire forest. If there are multiple forest, you have to rely on request on each forest to search where the user belong and adjust your $dc to the correct forest.

ahm dont know if the effect of entire forest is correct , the 2 dcs are in the same domain and forest, but its designed as cloud , meaning those scripts are preveting companies that we give IT services to see each other's domain or users , and if i make it to entire forest , it can be a problem , so i need in the script something that can "get" the dc that i work with , and modify the $dc setting to the correct dc . because its a cloud design i prefer not to make adjustment in the forest level . Thanks, Johnny

If there are only 2 DCs, you could use try/catch. Use the first DC in the Try block, and if it throws an error that will invoke the Catch block, where you can try it again with the other DC. [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

im sorry but dont know the try/catch command , any example that i can understand it ?

Try {new-mailbox -domaincontroller DC1 ......... -erroraction 'Stop'} Catch {new-mailbox -domaincontroller DC2 .........} PS will attempt to run whatever is in the Try block. If a terminting error occurs it will then run whatever is in the following Catch block. Note that it must be a terminating error (that's why the -erroraction 'Stop' parameter is used on the command in the Try block). [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

Try {new-mailbox -domaincontroller DC1 ......... -erroraction 'Stop'} Catch {new-mailbox -domaincontroller DC2 .........} PS will attempt to run whatever is in the Try block. If a terminting error occurs it will then run whatever is in the following Catch block. Note that it must be a terminating error (that's why the -erroraction 'Stop' parameter is used on the command in the Try block). [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

On Wed, 25 Jul 2012 08:38:52 +0000, MagicMan007 wrote: > > >i have an exchange 2007 with 2 domains controllers , i have ps1 scripts that open new users, mostly its working but from time to time , the script isnt working because im on a diffrent domain , and than i need to edit the script and change the domain > >example : > >"$dc = domaincontroller1" > >"Using DC - $DC to create the mailbox" > >and in order to fix it i need to change the script to "$dc = domaincontroller2" > >how can i make the script to retrieve which dc it works on , and automaticly insert/modify the correct dc in to the script . Wouldn't "Get-ADDomainController" work if you used the "-Discover -ForceDiscover" switches? That should return a single DC in the AD site where the script runs. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

I think you can follow mjolinor's suggestion, use try/catch command. Thanks, EvanEvan Liu TechNet Community Support

ok i see what you mean but it doesnt fit to the script , here are the stages in the script for your better understanding : stage1: "1 of 12" $DC = "dc1.domain.net" "Using DC - $DC to create the mailbox" $context = new-object System.DirectoryServices.ActiveDirectory.DirectoryContext([System.DirectoryServices.ActiveDirectory.DirectoryContextType]::DirectoryServer, $DC) $domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetDomain($context) $root = $domain.psbase.GetDirectoryEntry() # check if the 'Companies' ou exists $orgs = $null $orgs = $root.psbase.Children.psbase.Find("OU=blabla") if ($orgs -eq $null) { " " write-host "Cannot find an OU named 'Companies'"; exit " " } #----------------------------- #----------------------------- stage 2 : "2 of 12" "Enter User Company Name:" $UserCompany = "company" #[Console]::ReadLine().Trim() " " #check for this companies OU #-------------------------------- #-------------------------------- # find the org itself $newOrg = $null $newOrg = $orgs.psbase.Children.psbase.Find("ou="+$userCompany) if ($newOrg -eq $null) { " " write-host "Cannot find an OU named" $userCompany " " exit } #--------------------------------- #--------------------------------- stage 3 : "3 of 12" "Enter User First Name:" $UserFirst = [Console]::ReadLine() $UserFirst = $UserFirst.Trim() " " stage 4 : "4 of 12" "Enter User Last Name:" $UserLast = [Console]::ReadLine() $UserLast = $UserLast.Trim() " " stage 5 : "5 of 12" do { "Enter User UPN:" $UserUPN = [Console]::ReadLine() $userUPN = $UserUPN.Trim() $tmpUser = Get-User -Filter {UserPrincipalName -eq $userUPN} if($tmpUser -ne $null) { write-host "The upn already exists in the directory! Please enter a unique UPN" } } while($tmpUser -ne $null)" " stage 6 : "6 of 12, parsing UPN name" " " $useralias = $userUPN.split("@")[0] $userdomain = $userUPN.split("@")[1] $userFull = $UserFirst + " " + $UserLast $UserOU = domain.net/blabla/" + $UserCompany $SamAccountName = $userAlias stage 7 : "7 of 12, creating mailbox" New-Mailbox -Name $UserFull -Alias $UserAlias -OrganizationalUnit $UserOU -UserPrincipalName $UserUPN -SamAccountName $SamAccountName -FirstName $UserFirst -LastName $UserLast -ResetPasswordOnNextLogon $false -Database "company" -domaincontroller $DC stage 8 : "8 of 12, setting customattribute1 to $userCompany" set-mailbox "$userAlias" -customattribute1 "$userCompany" -offlineaddressbook "company OAB" -domaincontroller $DC -EmailAddressPolicyEnabled $false -emailAddresses ("SMTP:" + $userAlias + "@" + $userDomain) -windowsEmailAddress ($useralias + "@" + $userdomain) stage 9 : "9 of 12, adding $userAlias to $usercompany security group" add-distributiongroupmember "company" -member "$userAlias" -domaincontroller $DC stage 10 : "10 of 12, updating Address List" update-addresslist "company AL" #============================= # Mailbox Confirmation Section #============================= $a1 = get-mailbox $UserAlias $a2 = $a1.name $a3 = $a1.addresslistmembership $a4 = $a1.OfflineAddressBook $a5 = $a1.userprincipalname $a6 = $a1.organizationalunit $a7 = $a1.customattribute1 $a8 = $a1.distinguishedname $a10 = $a1.emailaddresses stage 11: "11 of 12, Setting msExchQueryBaseDN" #To Bind: $user = ([ADSI]"LDAP://$a8").psbase; #To Modify: $user.Properties["msExchQueryBaseDN"].Value = "ou=$a7,ou=bla,dc=domain,dc=int"; $user.CommitChanges(); $a9 = $user.Properties["msExchQueryBaseDN"] $a9b =$user.Properties["memberof"] stage 12: "12 of 12, Display Attributes" " " "Address List Membership: $a3" "Alias: $userAlias" "CustomAttribute1: $a7" "DN: $a8" "Email Addresses: $a10" "Memberof: $a9b" "mxExchQueryBaseDN: $a9" "Offline Address Book: $a4" "UPN: $a5" "OU: $a6" "User Name: $a2" " " if the error comes at phase 11 , i need to correct the dc in phase 1 in order to fix it - ofcourse i need to delete the mailbox it created fix the script and re launch it , the error in phase 11 is : "Exception calling "CommtChanges" with "0" argument(s): "A constraint violation occureed. (Exception from HRESULT: 0x8007202F At c:\scripts\script.ps1:187 char:20 +$userCommitChanges <<<< (); +CategoryInfo :NotSpecified: (:) [], ParentContainsErrorRecordException +FullyQualifiedErrorId: DotNetMethodExceptioon"

I'm not understanding your description of the environment. In the initial post, you said: the script isnt working because im on a diffrent domain , and than i need to edit the script and change the domain But then in a subsequent reply: the 2 dcs are in the same domain and forest, [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

2 dcs in the same forest , and a lot of domains , not just one domain

Still not clear. 2 dcs implies 2 (AD) domains. Do you mean lots of smtp domains?[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

yep lots of smtp domains

Create a hashtable of smtp domains, with the DC for that domain as the value. Use that to determine which is the appropriate DC to use for the address of the smtp domain for the user.[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

Create a hashtable of smtp domains, with the DC for that domain as the value. Use that to determine which is the appropriate DC to use for the address of the smtp domain for the user.[string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "