Hi, Just wondering how/if this could be a problem. What if FIM is in one AD Site - Site A. While Exchange CAS is in another AD Site - Site B. If FIM creates a user on an AD DC in Site A, and then tries to execute the powershell Update-recipient cmdlet on the CAS server in Site B...and AD has not yet replicated the new user from Site A to Site B....the Exchange mailbox will not be created right away (if at all), correct? Is there a way to ensure that FIM speaks to the same AD DC that the CAS server connects to - so that AD latency issues dont prohibit the provisioning process? Thanks

I think that DomainController parameter of update-recipient powershell cmdlet which is being called by FIM AD MA is solving Your problem: http://technet.microsoft.com/en-us/library/bb738148.aspx This was often problem with Ex2007 and it was fixed with revision 6 or 9 of this cmdlet (if I remember correctly firs revision which claimed to have it fixed was 5) . MA is passing in this attribute name of DC on which operation was performed. Of course if nothing has changed in FIM AD MA behavior. Hope this helps

Hey S Tomasz is current - this was a problem in the past (where the DC name was ignored - http://support.microsoft.com/kb/963679/), but was resolved in Exch 2007 Service Pack 1 Rollup 9 - http://support.microsoft.com/?kbid=970162 Almero Steyn (http://www.puttyq.com) [If a post helps to resolve your issue, please click the "Mark as Answer" of that post or "Helpful" button of that post. By marking a post as Answered or Helpful, you help others find the answer faster.]

So if I am sitting with the following configuration, do you think I will experience a similar problem? SITE A: Contains: FIM 2010 Portal and Sync Service, 2 x Windows 2008 R2 DCs I am assuming FIM will provision users to a DC in its own AD Site, SITE A SITE B: Contains: Exchange 2010 CAS, HUB, Mailbox roles Also contains: a few Windows 2008 R2 DCs I am assuming FIM will run the Update-Recipient cmdlet against the CAS server in this Site, SITE B. This is where the problem might occur IMHO; if the new user created in SITE A has not yet replicated to a DC in SITE B, the powershell cmdlet would essentially fail since the user account is not there yet. Any comments? Thanks

OK, well, things work - they are just subject to AD replication latencies