1

I'm working with Active Directory, and I must recognise the owner of a specific computer.

With the code below I can find this computer by the "CN" name:

        string ldapString = $"LDAP://OU=*****,DC=*****,DC=*****";
        DirectoryEntry entry = new(ldapString);

        DirectorySearcher search = new(entry);
        search.SearchScope = SearchScope.Subtree;
        search.Filter = $"(&(objectClass=computer)(CN={computerName}))";
        var result = search.FindOne();

I found a solution here How do you get the Owner of a Computer in AD? (with .NET Core) how can i get the company as owner but i need a user (employee) samAccounName or userPrincipalName who last used it?

Is it possible or not to get the last user of the found computer? Thanks!

Panagiotis Kanavos
  • 120,703
  • 13
  • 188
  • 236
argunho
  • 11
  • 2
  • 1
    Define "owner" in this context. What makes a user an "owner" of a computer? Is this information already in your AD in some form? – Charlieface Jul 06 '23 at 10:55
  • The last user isn't the "owner". You're looking for the last interactive login on the machine. That's not stored in AD, that's an event on the computer's Event log – Panagiotis Kanavos Jul 06 '23 at 11:20
  • Thank you for your comments! @Charlieface - No, I haven't this information, at least i didn't find it – argunho Jul 06 '23 at 15:39
  • @Panagiotis Kanavos - I don't know much about Active Directory and I suspect that I am trying to find it in the wrong way. Your comment confirms this. – argunho Jul 06 '23 at 15:42
  • Well if you can't work out where you would see the information even in the UI, how do you want us to help? I don't think the info you desire exists. The last user is simply not stored in AD, you'd need to get out of the Event log, and that's going to be slow and unreliable. – Charlieface Jul 06 '23 at 15:59
  • @Charlieface - I asked about whether is it possible or not, and I now know that it is impossible. Thanks! – argunho Jul 06 '23 at 19:28
  • @argunho this has nothing to do with AD. It's human language. The last person to use a computer isn't the computer's owner. `I now know that it is impossible.` wrong. You asked something completely different and people told you it *is* possible. It's also possible to find the last logged on user, *from the computer itself*. That information *can* be retrieved through WMI – Panagiotis Kanavos Jul 07 '23 at 07:19
  • @argunho in fact, if you search for your *actual* question, how to find the last logged on user, you'll find several related or even duplicate questions. – Panagiotis Kanavos Jul 07 '23 at 07:20
  • @Panagiotis Kanavos - I was wondering if it is possible to retrieve information from AD to bind the relationship between two classes Users and Computers without using any other source. You said it has nothing to do with AD and by `I now know it's impossible' I meant exactly that. There is no need to discuss this further, I understood your explanation about it. – argunho Jul 07 '23 at 08:22

1 Answers1

0

i think it is good for find owner comupter try this code below to complete your code

using System;
using System.DirectoryServices;

string ldapString = $"LDAP://OU=*****,DC=*****,DC=*****";
DirectoryEntry entry = new DirectoryEntry(ldapString);

DirectorySearcher search = new DirectorySearcher(entry);
search.SearchScope = SearchScope.Subtree;
search.Filter = $"(&(objectClass=computer)(CN={computerName}))";
var result = search.FindOne();

if (result != null)
{
    DirectoryEntry computerEntry = result.GetDirectoryEntry();

    if (computerEntry.Properties.Contains("managedBy"))
    {
        string ownerDN = computerEntry.Properties["managedBy"][0].ToString();

        // Get the owner user or group object
        DirectoryEntry ownerEntry = new DirectoryEntry($"LDAP://{ownerDN}");
        string ownerName = ownerEntry.Properties["sAMAccountName"][0].ToString();

        // Do something with the owner value
        Console.WriteLine($"Computer Owner: {ownerName}");
    }
    else
    {
        // No owner information found
Console.WriteLine("No owner information found");
    }
}
else
{
  Console.WriteLine("Computer not found");
}
Anh Dang Vien
  • 180
  • 8
  • Thanks for your reply! Sorry, I originally worded the question wrong, but I've edited it. I have already tried some similar ways and tried your solution as well but couldn't find the last user as owner. I could find this computer before and now but no owner. This line: string owner = computer. Owner; in your code got showing me an error because of this parameter computer. Owner in my case is missing in ComputerPrincipal parameters. Is the Owner parameter the extension parameter? I already tried to get the Sid of the computer and got it but cannot find the UserPrincipal user who matches that. – argunho Jul 06 '23 at 10:15
  • @argunho already added my question please try again – Anh Dang Vien Jul 06 '23 at 11:14
  • Thank you for your help! Your code looks good and maybe it would work but in my case in my `DirectoryEntry computerEntry = result.GetDirectoryEntry();` the parameter "managedBy" is missing and I can't test the rest of the code that is in if statement. I have only 40 parameters, see below in the next comment ... – argunho Jul 06 '23 at 14:05