From 8e16d5202479a82e6bd4c2ec8ed4669af1ba70f5 Mon Sep 17 00:00:00 2001
From: Jeff Bolduan <jbolduan@umn.edu>
Date: Mon, 6 Jan 2020 12:35:20 -0600
Subject: [PATCH 1/2] Added GetADGroupsByComputer

Get's the Active Directory groups for a specific computer.  Mimics the behavior of GetADGroupsByUser.
---
 .../ConfigMgrWebService.asmx.cs               | 42 +++++++++++++++++++
 1 file changed, 42 insertions(+)

diff --git a/ConfigMgrWebService/ConfigMgrWebService.asmx.cs b/ConfigMgrWebService/ConfigMgrWebService.asmx.cs
index dd1751b..0f006ff 100644
--- a/ConfigMgrWebService/ConfigMgrWebService.asmx.cs
+++ b/ConfigMgrWebService/ConfigMgrWebService.asmx.cs
@@ -3173,6 +3173,48 @@ public List<ADGroup> GetADGroupsByUser(string secret, string userName)
             return returnValue;
         }
 
+        [WebMethod(Description = "Get Active Directory groups for a specific computer")]
+        public List<ADGroup> GetADGroupsByComputer(string secret, string computerName)
+        {
+            MethodBase method = MethodBase.GetCurrentMethod();
+            MethodBegin(method);
+
+            //' Set return value variable
+            List<ADGroup> returnValue = new List<ADGroup>();
+
+            if (secret == secretKey)
+            {
+                //' Log that secret key was accepted
+                WriteEventLog("Secret key was accepted", EventLogEntryType.Information);
+
+                try
+                {
+                    //' Get AD computer object
+                    string computerDistinguishedName = GetADObject(computerName, ADObjectClass.Computer, ADObjectType.distinguishedName);
+
+                    //' Get AD groups for computer distinguished name
+                    ArrayList groupMemberships = new ArrayList();
+                    ArrayList groups = GetADAttributeValues("memberOf", computerDistinguishedName, groupMemberships, true);
+
+                    foreach(string group in groups)
+                    {
+                        string attributeValue = GetADAttributeValue(group, "samAccountName");
+                        returnValue.Add(new ADGroup() { DistinguishedName = group, samAccountName = attributeValue });
+                    }
+                }
+                catch (Exception ex)
+                {
+                    WriteEventLog($"An error occurred while retrieving Active Directory group memberships for user. Error message: {ex.Message }", EventLogEntryType.Error);
+                }
+            } else
+            {
+                WriteEventLog("Key mismatch " + secret + " != " + secretKey, EventLogEntryType.Error);
+            }
+
+            MethodEnd(method);
+            return returnValue;
+        }
+
         [WebMethod(Description = "Set the description field for a computer in Active Directory")]
         public bool SetADComputerDescription(string secret, string computerName, string description)
         {

From 344b997901327f6531e5d8ab0391fff219cfed09 Mon Sep 17 00:00:00 2001
From: Jeff Bolduan <jbolduan@umn.edu>
Date: Mon, 6 Jan 2020 13:11:31 -0600
Subject: [PATCH 2/2] Removed troubleshooting error log message

---
 ConfigMgrWebService/ConfigMgrWebService.asmx.cs | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/ConfigMgrWebService/ConfigMgrWebService.asmx.cs b/ConfigMgrWebService/ConfigMgrWebService.asmx.cs
index 0f006ff..e9b2d13 100644
--- a/ConfigMgrWebService/ConfigMgrWebService.asmx.cs
+++ b/ConfigMgrWebService/ConfigMgrWebService.asmx.cs
@@ -3206,9 +3206,6 @@ public List<ADGroup> GetADGroupsByComputer(string secret, string computerName)
                 {
                     WriteEventLog($"An error occurred while retrieving Active Directory group memberships for user. Error message: {ex.Message }", EventLogEntryType.Error);
                 }
-            } else
-            {
-                WriteEventLog("Key mismatch " + secret + " != " + secretKey, EventLogEntryType.Error);
             }
 
             MethodEnd(method);