diff --git a/Features/DeviceUIExtension.cs b/Features/DeviceUIExtension.cs index 5aa8758..9618141 100644 --- a/Features/DeviceUIExtension.cs +++ b/Features/DeviceUIExtension.cs @@ -25,7 +25,7 @@ namespace Disco.Plugins.ADCompare.Features try { var adAccount = ActiveDirectory.RetrieveADMachineAccount( - device.DeviceDomainId, + device.DeviceDomainId, new[] { "managedBy", "lastLogonTimestamp" }); if (adAccount == null) @@ -41,35 +41,28 @@ namespace Disco.Plugins.ADCompare.Features var hasManagedBy = !string.IsNullOrEmpty(managedByDN); var hasAssignment = !string.IsNullOrEmpty(discoAssignedUser); - string adManagedByUserId = null; - string adManagedByName = null; + // Extract display name from managedBy DN + string managedByDisplayName = hasManagedBy ? ExtractCNFromDN(managedByDN) : null; - if (hasManagedBy) + // Look up the Disco assigned user's DN in AD for comparison + string assignedUserDN = null; + if (hasAssignment) { try { - var managedByUser = ActiveDirectory.RetrieveADUserAccount(managedByDN); - if (managedByUser != null) - { - adManagedByUserId = managedByUser.Id; - adManagedByName = managedByUser.DisplayName; - } - else - { - adManagedByUserId = managedByDN; - } - } - catch - { - adManagedByUserId = managedByDN; + var assignedUserAD = ActiveDirectory.RetrieveADUserAccount(discoAssignedUser); + if (assignedUserAD != null) + assignedUserDN = assignedUserAD.DistinguishedName; } + catch { } } + // Compare DN-to-DN bool isMatch = false; if (!hasAssignment && !hasManagedBy) isMatch = true; - else if (hasAssignment && hasManagedBy) - isMatch = string.Equals(discoAssignedUser, adManagedByUserId, StringComparison.OrdinalIgnoreCase); + else if (hasAssignment && hasManagedBy && assignedUserDN != null) + isMatch = string.Equals(assignedUserDN, managedByDN, StringComparison.OrdinalIgnoreCase); html.Append(""); @@ -106,13 +99,7 @@ namespace Disco.Plugins.ADCompare.Features html.Append(""); + // Last Logon var lastLogonTicks = adAccount.GetPropertyValue("lastLogonTimestamp"); html.Append("
AD Managed By"); if (hasManagedBy) { - html.Append(Encode(adManagedByUserId)); - if (!string.IsNullOrEmpty(adManagedByName)) - { - html.Append(" ("); - html.Append(Encode(adManagedByName)); - html.Append(")"); - } + html.Append(Encode(managedByDisplayName ?? managedByDN)); } else { @@ -120,6 +107,7 @@ namespace Disco.Plugins.ADCompare.Features } html.Append("
Last Login"); if (lastLogonTicks > 0) @@ -166,6 +154,18 @@ namespace Disco.Plugins.ADCompare.Features return Literal(html.ToString()); } + private string ExtractCNFromDN(string dn) + { + if (string.IsNullOrEmpty(dn)) return null; + if (dn.StartsWith("CN=", StringComparison.OrdinalIgnoreCase)) + { + var commaIndex = dn.IndexOf(','); + if (commaIndex > 3) return dn.Substring(3, commaIndex - 3); + return dn.Substring(3); + } + return dn; + } + private string Encode(string value) { if (string.IsNullOrEmpty(value)) return "";