Who joined what computer account to domain

setlocal

if %1z == z echo Find who joined what computer account to domain& set /p PCName=(use SAMAccount, (EX: %COMPUTERNAME%, not FQDN): &goto main
set PCName=%1

:main
rem note this is back single quote, ` and not '
rem put DN into environment variable DN

for /f "usebackq delims=;" %%x in (`dsquery computer forestroot  -samid %PCName%$`) do (
      SET DN=%%x
)


REM Find the line you want
for /f "usebackq delims=;" %%x in (`dsacls %DN% ^| find /i "DNS" ^| find /v "SELF"`) do (
      SET output=%%x
)

cls
rem start at 6, go thru 25. Should be enough
set ObjCreator=%output:~6,25%

set ObjCreator | find "Domain Admins" > nul
if %errorlevel%==0 goto DA

set ObjCreator | find "Enterprise Admins" > nul
if %errorlevel%==0 goto EA

:IsEmpty
set ObjCreator | find "\" > nul
if %errorlevel%==1 goto NotFound

echo %PCName% joined to the domain by %ObjCreator%
for /f "tokens=1,2 delims=\" %%a in ("%ObjCreator%") do set NTName=%%b
dsquery user forestroot -samid %NTName% -o rdn
Goto DateCreated

:DA
echo %PCName% joined by a member of Domain Admins. 
echo They are not individually identified in AD.
goto DateCreated

:EA
echo %PCName% joined by a member of Enterprise Admins. 
echo They are not individually identified in AD.
Goto DateCreated

:DateCreated
Echo.
echo AD account creation:
dsquery * forestroot -filter "(&(objectCategory=computer)(samaccountname=%PCName%$))" -attr whenCreated
Goto End

:NotFound
Echo Computer account %PCName% was not found

:end
Endlocal
pause