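<#
.SYNOPSIS
    Gets who added user to domain from the distinguishedName
.DESCRIPTION
    This script gets the creator owner of an Active Directory object based on the
    object's distinguishedName. Note that if the user is a member of "Domain Admins"
    or "Enterprise Admins" you will see the group name instead of the user name.

    The value reported is the Owner field of the object's security descriptor.
    That field can be changed after creation by any principal allowed to take
    ownership, so treat the result as a lead rather than proof of who created
    the object. Where directory auditing is enabled, corroborate with the domain
    controller Security log (for example event 4720 "A user account was created"
    or 5137 "A directory service object was created").
.PARAMETER DN
    The distinguishedName of an AD object
.EXAMPLE
    # Get the owner/creator of the user running the script
    # First get my DN
    $objUser = New-Object System.Security.Principal.NTAccount($env:USERDNSDOMAIN, $env:USERNAME)
    $strSID = ($objUser.Translate([System.Security.Principal.SecurityIdentifier])).Value
    $myDN = ([adsi]"LDAP://<SID=$strSID>").distinguishedName.value
    Get-ADObjectOwner $myDN
.EXAMPLE
    # Take a tab delimited list of DNs and get owners
    Import-Csv "$env:USERPROFILE\desktop\dnList.csv" -Delimiter "`t" |
        foreach { Get-ADObjectOwner $_.DistinguishedName } |
        Export-Csv "$Env:userprofile\Desktop\WhoDunit.csv" -NoTypeInformation
.NOTES
    Alan Kaplan 11/18/2016

    The LDAP server that is contacted is derived from the DC= components of the
    supplied DN, and the bind uses the caller's own credentials. When DNs come
    from a file or another system, check that they name a domain you expect
    before running this from a privileged account.
.LINK
    www.akaplan.com/blog
#>
Function Get-ADObjectOwner {
    [CmdletBinding()]
    Param (
        # distinguishedName of object
        [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true, Position=0)]
        $DN
    )

    Begin {
        # Extract the DNS domain name from a distinguishedName.
        # It is faster to get this from the string than from AD.
        # Only the trailing run of DC= components is used, matched case-insensitively,
        # so a DN that starts with DC= (domain root, DNS records) or uses "dc=" works.
        # Returns '' when the DN has no trailing DC= components.
        Function Get-DomainFromDNString($strADsPath) {
            $dcRun = [regex]::Match(
                [string]$strADsPath,
                '(?i)(?:^|(?<!\\),)\s*(DC=[^,]+(?:,\s*DC=[^,]+)*)\s*$')
            if (-not $dcRun.Success) { return '' }

            $labels = $dcRun.Groups[1].Value -split ',' |
                ForEach-Object { ($_ -replace '(?i)^\s*DC=', '').Trim() }
            $labels -join '.'
        }

        # Build one output row; every code path emits the same six properties
        # in the same order so CSV export stays uniform.
        Function New-OwnerRow($Domain, $UserDN, $Owner, $OwnerName, $OwnerDescription, $Remarks) {
            [PSCustomObject]@{
                Domain           = $Domain
                UserDN           = $UserDN
                Owner            = $Owner
                OwnerName        = $OwnerName
                OwnerDescription = $OwnerDescription
                Remarks          = $Remarks
            }
        }
    }

    Process {
        $DomainDNSName = Get-DomainFromDNString $DN

        # Without a domain there is no server to bind to; report it instead of throwing.
        if (-not $DomainDNSName) {
            New-OwnerRow '' $DN '' '' '' 'No DC= components found in distinguishedName'
            return
        }

        # NOTE(review): a DN containing '/' has to be escaped as '\/' inside an
        # ADsPath; that is not done here - confirm whether callers pass such DNs.
        $ldapPath = "LDAP://$DomainDNSName/$DN"

        # Test for the existence of the object, then read the owner from its
        # security descriptor. Exists() and the bind both talk to the directory
        # and throw when the server cannot be reached or access is denied.
        $owner = ''
        try {
            if (-not [adsi]::Exists($ldapPath)) {
                # Spelling of this remark is kept as-is for consumers that filter on it.
                New-OwnerRow $DomainDNSName $DN '' '' '' 'DistingishedName not found'
                return
            }

            # Bind with ADSI accelerator, and use PSBase to get the owner
            $userObject = [ADSI]$ldapPath
            $owner = $userObject.PSBase.get_ObjectSecurity().Owner
        }
        catch {
            New-OwnerRow $DomainDNSName $DN '' '' '' "AD lookup failed: $($_.Exception.Message)"
            return
        }

        # Resolve the owner's display name and description through the WinNT provider.
        # This fails for owners that are not DOMAIN\name accounts (an unresolved SID,
        # for instance); keep the raw owner in the row and explain why in Remarks.
        try {
            $NTStyle = $owner.Replace("\", "/")
            $objOwner = [ADSI]"WinNT://$NTStyle"
            New-OwnerRow $DomainDNSName $DN $owner `
                $objOwner.Name.value `
                $objOwner.Properties.description.value `
                ''
        }
        catch {
            New-OwnerRow $DomainDNSName $DN $owner '' '' `
                "Owner name lookup failed: $($_.Exception.Message)"
        }
    } #End Process

    End {}
} #End Function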