Trying to find who joined the computer to the domain. But in C# (.NET Core).

This is the exact answer (the question title is not worded well): Powershell ADSI ntSecurityDescriptor

$Computer = [ADSI](([ADSISearcher]"(name=myComputer)").FindOne().Path)
$Computer.PsBase.ObjectSecurity.Owner

Alternatively, you can do this, but you need to have the Active Directory Module installed:

(Get-ADComputer myComputer -Server some.domain.com -Properties nTSecurityDescriptor).nTSecurityDescriptor.Owner

My assumption is that this returns who joined the computer to the domain, but I don't know how this actually works. However, this seems like the data I need, but I want to do this in C#.

Ambrose Leung

1 Answer

This is what I've figured out based on StephenP's answer from that Powershell ADSI ntSecurityDescriptor question:

using System.DirectoryServices;
using System.Security.Principal;

string ldapPath = "LDAP://DC=some,DC=domain,DC=com";
DirectoryEntry searchRoot = new DirectoryEntry(ldapPath);

DirectorySearcher search = new DirectorySearcher(searchRoot)
{
    SearchScope = SearchScope.Subtree,
    Filter = "(&" +
        "(objectClass=computer)" +
        "(CN=machineName)" +
    ")"
};

// FindOne returns null when no computer object matches the filter
var result = search.FindOne();
var security = result.GetDirectoryEntry().ObjectSecurity;

// if GetOwner doesn't return null, then it will contain the SID (call .Value)
var ownerSid = security.GetOwner(typeof(SecurityIdentifier));

// this will translate the SID to a domain\username format, but will throw IdentityNotMappedException if it can't translate
var ownerAccount = security.GetOwner(typeof(NTAccount));

Hope this works in your AD environment as well...

Ambrose Leung
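
A fuller version of the lookup above, as an added example that is not part of the original answer: it escapes the machine name before it goes into the LDAP filter, asks the server for only the owner part of `nTSecurityDescriptor`, falls back to the raw SID when translation fails, and also reads the `mS-DS-CreatorSID` attribute. The domain path and default machine name are the answer's placeholders, and the class and helper names are hypothetical.

```csharp
// Added example, not the poster's code. Windows only; needs the System.DirectoryServices package on .NET Core.
using System;
using System.DirectoryServices;
using System.Security.AccessControl;
using System.Security.Principal;
using System.Text;

static class ComputerOwnerLookup // hypothetical name
{
    // Escape a value for an LDAP filter (RFC 4515) so that a name such as
    // "pc)(objectClass=*" cannot change what the filter matches.
    static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            sb.Append(c switch
            {
                '\\' => @"\5c", '*' => @"\2a", '(' => @"\28",
                ')' => @"\29", '\0' => @"\00", _ => c.ToString()
            });
        return sb.ToString();
    }

    // DOMAIN\name when the SID resolves, otherwise the raw SID string.
    static string Describe(SecurityIdentifier sid)
    {
        try { return sid.Translate(typeof(NTAccount)).Value; }
        catch (IdentityNotMappedException) { return sid.Value; }
    }

    static void Main(string[] args)
    {
        string machineName = args.Length > 0 ? args[0] : "machineName"; // placeholder
        using var root = new DirectoryEntry("LDAP://DC=some,DC=domain,DC=com");
        using var search = new DirectorySearcher(root)
        {
            Filter = $"(&(objectClass=computer)(cn={EscapeFilterValue(machineName)}))",
            SecurityMasks = SecurityMasks.Owner // owner part only; reading the SACL needs extra privilege
        };
        search.PropertiesToLoad.AddRange(new[] { "nTSecurityDescriptor", "mS-DS-CreatorSID" });
        var result = search.FindOne();
        if (result == null || !result.Properties.Contains("nTSecurityDescriptor"))
        { Console.WriteLine("Not found, or descriptor not readable"); return; }

        var sd = new RawSecurityDescriptor((byte[])result.Properties["nTSecurityDescriptor"][0], 0);
        Console.WriteLine($"Owner:   {Describe(sd.Owner)}");
        if (result.Properties.Contains("mS-DS-CreatorSID")) // absent on many objects
            Console.WriteLine("Creator: " + Describe(new SecurityIdentifier(
                (byte[])result.Properties["mS-DS-CreatorSID"][0], 0)));
    }
}
```

The owner is often a group such as Domain Admins when an administrator created the account, and `mS-DS-CreatorSID` is typically set only when a non-administrator created it under the machine account quota, so treat either value as a hint about who performed the join.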