Initial commit: Organized PowerShell scripts for ShopDB asset collection

Structure: - asset-collection/: Local PC data collection scripts - remote-execution/: WinRM remote execution scripts - setup-utilities/: Configuration and testing utilities - registry-backup/: GE registry backup scripts - winrm-https/: WinRM HTTPS certificate setup - docs/: Complete documentation Each folder includes a README with detailed documentation. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-10 10:57:54 -05:00
commit 62c0c7bb06
102 changed files with 28017 additions and 0 deletions
--- a/setup-utilities/Setup-WinRM.ps1
+++ b/setup-utilities/Setup-WinRM.ps1
@@ -0,0 +1,186 @@
+#Requires -RunAsAdministrator
+<#
+.SYNOPSIS
+    Sets up WinRM configuration for remote asset collection.
+
+.DESCRIPTION
+    This script configures WinRM settings to enable remote PowerShell execution
+    for asset collection across shopfloor computers.
+
+.PARAMETER TrustedHosts
+    Comma-separated list of trusted hosts (IP addresses or computer names).
+    Use "*" to trust all hosts (less secure but simpler).
+
+.PARAMETER TestConnection
+    Test WinRM connection to specified computers after setup.
+
+.EXAMPLE
+    .\Setup-WinRM.ps1 -TrustedHosts "10.48.130.100,10.48.130.101"
+
+.EXAMPLE
+    .\Setup-WinRM.ps1 -TrustedHosts "*"
+
+.NOTES
+    Author: System Administrator
+    Date: 2025-09-26
+    Version: 1.0
+#>
+
+param(
+    [Parameter(Mandatory=$false)]
+    [string]$TrustedHosts = "",
+
+    [Parameter(Mandatory=$false)]
+    [string[]]$TestConnection = @()
+)
+
+function Show-WinRMStatus {
+    Write-Host "=== Current WinRM Configuration ===" -ForegroundColor Cyan
+
+    try {
+        $winrmStatus = Get-Service WinRM
+        Write-Host "WinRM Service Status: $($winrmStatus.Status)" -ForegroundColor $(if($winrmStatus.Status -eq 'Running') {'Green'} else {'Red'})
+
+        $listeners = winrm enumerate winrm/config/listener
+        Write-Host "WinRM Listeners: $($listeners.Count) configured" -ForegroundColor Gray
+
+        $trustedHosts = (Get-Item WSMan:\localhost\Client\TrustedHosts).Value
+        Write-Host "Current Trusted Hosts: $trustedHosts" -ForegroundColor Gray
+
+    } catch {
+        Write-Host "Error checking WinRM status: $($_.Exception.Message)" -ForegroundColor Red
+    }
+    Write-Host ""
+}
+
+function Enable-WinRMConfiguration {
+    param([string]$TrustedHosts)
+
+    Write-Host "=== Configuring WinRM ===" -ForegroundColor Cyan
+
+    try {
+        # Enable PowerShell Remoting
+        Write-Host "Enabling PowerShell Remoting..." -ForegroundColor Yellow
+        Enable-PSRemoting -Force -SkipNetworkProfileCheck
+        Write-Host "[OK] PowerShell Remoting enabled" -ForegroundColor Green
+
+        # Start WinRM service
+        Write-Host "Starting WinRM service..." -ForegroundColor Yellow
+        Start-Service WinRM
+        Set-Service WinRM -StartupType Automatic
+        Write-Host "[OK] WinRM service started and set to automatic" -ForegroundColor Green
+
+        # Configure trusted hosts if specified
+        if (-not [string]::IsNullOrEmpty($TrustedHosts)) {
+            Write-Host "Setting trusted hosts to: $TrustedHosts" -ForegroundColor Yellow
+            Set-Item WSMan:\localhost\Client\TrustedHosts -Value $TrustedHosts -Force
+            Write-Host "[OK] Trusted hosts configured" -ForegroundColor Green
+        } else {
+            Write-Host "[SKIP] No trusted hosts specified" -ForegroundColor Yellow
+        }
+
+        # Configure firewall
+        Write-Host "Configuring Windows Firewall..." -ForegroundColor Yellow
+        try {
+            Set-NetFirewallRule -DisplayName "Windows Remote Management (HTTP-In)" -Enabled True
+            Write-Host "[OK] Firewall rule enabled" -ForegroundColor Green
+        } catch {
+            Write-Host "[WARN] Could not configure firewall rule: $($_.Exception.Message)" -ForegroundColor Yellow
+        }
+
+        # Set authentication
+        Write-Host "Configuring authentication..." -ForegroundColor Yellow
+        Set-Item WSMan:\localhost\Service\Auth\Basic -Value $true
+        Set-Item WSMan:\localhost\Service\Auth\CredSSP -Value $true
+        Write-Host "[OK] Authentication configured" -ForegroundColor Green
+
+        Write-Host ""
+        Write-Host "WinRM configuration completed successfully!" -ForegroundColor Green
+
+    } catch {
+        Write-Host "Error configuring WinRM: $($_.Exception.Message)" -ForegroundColor Red
+        return $false
+    }
+
+    return $true
+}
+
+function Test-WinRMConnections {
+    param([string[]]$Computers)
+
+    if ($Computers.Count -eq 0) {
+        return
+    }
+
+    Write-Host "=== Testing WinRM Connections ===" -ForegroundColor Cyan
+
+    $credential = Get-Credential -Message "Enter credentials for testing remote connections"
+    if (-not $credential) {
+        Write-Host "No credentials provided for testing" -ForegroundColor Yellow
+        return
+    }
+
+    foreach ($computer in $Computers) {
+        Write-Host "Testing connection to $computer..." -NoNewline
+
+        try {
+            $session = New-PSSession -ComputerName $computer -Credential $credential -ErrorAction Stop
+            Remove-PSSession $session
+            Write-Host " [OK]" -ForegroundColor Green
+        } catch {
+            Write-Host " [FAIL] $($_.Exception.Message)" -ForegroundColor Red
+        }
+    }
+    Write-Host ""
+}
+
+function Show-NextSteps {
+    Write-Host "=== Next Steps ===" -ForegroundColor Cyan
+    Write-Host ""
+    Write-Host "1. Ensure target computers have WinRM enabled:" -ForegroundColor Yellow
+    Write-Host "   Run this script on each target computer:" -ForegroundColor White
+    Write-Host "   .\Setup-WinRM.ps1" -ForegroundColor Gray
+    Write-Host ""
+    Write-Host "2. Create your computer list file:" -ForegroundColor Yellow
+    Write-Host "   Copy shopfloor-pcs-example.txt to shopfloor-pcs.txt" -ForegroundColor White
+    Write-Host "   Edit the file to include your actual computer IP addresses" -ForegroundColor White
+    Write-Host ""
+    Write-Host "3. Test connections:" -ForegroundColor Yellow
+    Write-Host "   .\Invoke-RemoteAssetCollection.ps1 -ComputerList @('10.48.130.100') -TestConnections" -ForegroundColor Gray
+    Write-Host ""
+    Write-Host "4. Run asset collection:" -ForegroundColor Yellow
+    Write-Host "   .\Invoke-RemoteAssetCollection.ps1 -ComputerListFile .\shopfloor-pcs.txt" -ForegroundColor Gray
+    Write-Host "   or" -ForegroundColor White
+    Write-Host "   .\Run-RemoteCollection.bat" -ForegroundColor Gray
+    Write-Host ""
+}
+
+# Main execution
+try {
+    Write-Host "=== WinRM Setup Script ===" -ForegroundColor Cyan
+    Write-Host "Date: $(Get-Date)" -ForegroundColor Gray
+    Write-Host ""
+
+    # Show current status
+    Show-WinRMStatus
+
+    # Configure WinRM
+    $success = Enable-WinRMConfiguration -TrustedHosts $TrustedHosts
+
+    if ($success) {
+        # Show updated status
+        Show-WinRMStatus
+
+        # Test connections if requested
+        if ($TestConnection.Count -gt 0) {
+            Test-WinRMConnections -Computers $TestConnection
+        }
+
+        # Show next steps
+        Show-NextSteps
+    }
+
+} catch {
+    Write-Host "Fatal error: $($_.Exception.Message)" -ForegroundColor Red
+    exit 1
+}