diff --git a/Features/DeviceCompareService.cs b/Features/DeviceCompareService.cs
index b40c313..362ee88 100644
--- a/Features/DeviceCompareService.cs
+++ b/Features/DeviceCompareService.cs
@@ -17,15 +17,10 @@ namespace Disco.Plugins.ADCompare.Features
this.database = database;
}
- ///
- /// Compare all Disco devices' assigned users against the AD computer managedBy field.
- /// Only considers active (not decommissioned) devices with a domain ID.
- ///
public DeviceComparisonSummary CompareAllDevices()
{
var summary = new DeviceComparisonSummary();
- // Load active devices that have a domain computer account
var devices = database.Devices
.Include("AssignedUser")
.Where(d => d.DeviceDomainId != null && d.DecommissionedDate == null)
@@ -50,24 +45,18 @@ namespace Disco.Plugins.ADCompare.Features
return summary;
}
- ///
- /// Compare a single device's Disco assignment against AD managedBy.
- ///
public DeviceComparisonResult CompareDevice(Device device)
{
- var result = new DeviceComparisonResult
- {
- SerialNumber = device.SerialNumber,
- DeviceDomainId = device.DeviceDomainId,
- ComputerName = device.ComputerName,
- DiscoAssignedUserId = device.AssignedUserId,
- DiscoAssignedUserDisplayName = device.AssignedUser?.DisplayName,
- HasAssignment = !string.IsNullOrEmpty(device.AssignedUserId)
- };
+ var result = new DeviceComparisonResult();
+ result.SerialNumber = device.SerialNumber;
+ result.DeviceDomainId = device.DeviceDomainId;
+ result.ComputerName = device.ComputerName;
+ result.DiscoAssignedUserId = device.AssignedUserId;
+ result.DiscoAssignedUserDisplayName = device.AssignedUser != null ? device.AssignedUser.DisplayName : null;
+ result.HasAssignment = !string.IsNullOrEmpty(device.AssignedUserId);
try
{
- // Look up the computer in AD, requesting the managedBy attribute
var adAccount = ActiveDirectory.RetrieveADMachineAccount(device.DeviceDomainId, new[] { "managedBy" });
if (adAccount == null)
@@ -80,12 +69,10 @@ namespace Disco.Plugins.ADCompare.Features
result.FoundInAD = true;
result.ADAccountDisabled = adAccount.IsDisabled;
- // Get the managedBy DN from AD
var managedByDN = adAccount.GetPropertyValue("managedBy");
result.ADManagedByDN = managedByDN;
result.HasManagedBy = !string.IsNullOrEmpty(managedByDN);
- // Resolve managedBy DN to a DOMAIN\username
if (result.HasManagedBy)
{
try
@@ -98,17 +85,15 @@ namespace Disco.Plugins.ADCompare.Features
}
else
{
- result.ADManagedByUserId = managedByDN; // fallback to DN
+ result.ADManagedByUserId = managedByDN;
}
}
catch
{
- // If we can't resolve the DN, store it raw
result.ADManagedByUserId = managedByDN;
}
}
- // Now compare
result.IsMatch = DetermineMatch(result);
if (!result.IsMatch)
{
@@ -118,35 +103,26 @@ namespace Disco.Plugins.ADCompare.Features
catch (Exception ex)
{
result.FoundInAD = false;
- result.MismatchReason = $"AD lookup error: {ex.Message}";
+ result.MismatchReason = "AD lookup error: " + ex.Message;
}
return result;
}
- ///
- /// Determine if the Disco assignment matches the AD managedBy.
- ///
private bool DetermineMatch(DeviceComparisonResult result)
{
- // Both empty = match (neither has an assignment)
if (!result.HasAssignment && !result.HasManagedBy)
return true;
- // One has assignment, other doesn't = mismatch
if (result.HasAssignment != result.HasManagedBy)
return false;
- // Both have values - compare the user IDs (case-insensitive)
return string.Equals(
result.DiscoAssignedUserId,
result.ADManagedByUserId,
StringComparison.OrdinalIgnoreCase);
}
- ///
- /// Generate a human-readable reason for the mismatch.
- ///
private string DetermineMismatchReason(DeviceComparisonResult result)
{
if (!result.FoundInAD)
@@ -159,7 +135,7 @@ namespace Disco.Plugins.ADCompare.Features
return "Not assigned in Disco but AD managedBy is set";
if (result.HasAssignment && result.HasManagedBy)
- return $"Different users: Disco={result.DiscoAssignedUserId}, AD managedBy={result.ADManagedByUserId}";
+ return string.Format("Different users: Disco={0}, AD managedBy={1}", result.DiscoAssignedUserId, result.ADManagedByUserId);
return "Unknown mismatch";
}