We use an automation to disable any accounts that have "never logged on" in 40 x days. We use the "never logged on" report that I think checks the logoncount attribute
Yesterday, the script inadvertently disabled 55 x user accounts due to a WAN issue we had - which meant AD Manager could not enumerate ALL DC's. As the logoncount value is NOT replicated, the automation could only see the local DC (to which these users had never logged on, and therefore had shown a logoncount as '0')
I'd really like to see an option to warn or not run an automation such as this in the event of the automation NOT been able to receive all expected data from all DC's (in our case as an example)
Thanks