# Deployment Guide ## Deployment Overview The GE Manufacturing Asset Management Scripts support multiple deployment strategies for enterprise manufacturing environments, from single-PC execution to large-scale automated rollouts across hundreds of manufacturing systems. ## Prerequisites ### System Requirements - **Operating System**: Windows 10/11, Windows Server 2016+ - **PowerShell**: Version 5.1 or later - **Execution Policy**: RemoteSigned or Unrestricted - **Network Access**: HTTP connectivity to dashboard API - **Permissions**: Administrator rights recommended ### Environment Preparation ```powershell # Check PowerShell version $PSVersionTable.PSVersion # Check execution policy Get-ExecutionPolicy # Set execution policy (if needed) Set-ExecutionPolicy RemoteSigned -Scope CurrentUser ``` ## Deployment Methods ### Method 1: Single PC Deployment #### Quick Start (Recommended) ```batch # 1. Initial setup (run once) 00-RUN-ME-FIRST.bat # 2. Execute data collection Update-PC-CompleteAsset.bat ``` #### Manual PowerShell Execution ```powershell # Navigate to script directory cd C:\Path\To\Scripts # Unblock scripts (security) Unblock-File .\*.ps1 # Execute main script .\Update-PC-CompleteAsset.ps1 ``` #### Silent Execution (Scheduled Tasks) ```batch # For automated/scheduled execution Update-PC-CompleteAsset-Silent.bat ``` --- ### Method 2: Multiple PC Deployment #### Computer List Configuration Edit `computers.txt` with target systems: ``` # Hostnames H123EXAMPLE G456MACHINE SHOPFLOOR-PC-01 # IP Addresses 192.168.1.100 192.168.1.101 # Fully Qualified Domain Names machine01.manufacturing.local cnc-cell-02.shop.local ``` #### Enhanced Batch Deployment ```batch # Execute on multiple systems Deploy-To-Multiple-PCs-Enhanced.bat ``` **Features**: - Parallel execution for faster deployment - Individual system success/failure tracking - Comprehensive logging and reporting - Network connectivity pre-checks #### PsExec Remote Deployment ```batch # Enterprise remote execution Deploy-With-PsExec.bat ``` **Requirements**: - PsExec.exe in system PATH or script directory - Administrative credentials for target systems - SMB/RPC connectivity to target machines --- ### Method 3: Enterprise Integration #### Group Policy Deployment 1. **Copy Scripts**: Place in network share accessible to all target computers 2. **Create GPO**: New Group Policy Object for computer configuration 3. **Add Startup Script**: Computer Configuration → Policies → Windows Settings → Scripts → Startup 4. **Configure Path**: Point to network share location of `Update-PC-CompleteAsset.bat` 5. **Apply to OUs**: Link GPO to appropriate Organizational Units #### SCCM/ConfigMgr Integration ```powershell # Package creation parameters Package Name: GE Manufacturing Asset Collection Program Command Line: Update-PC-CompleteAsset-Silent.bat Run Mode: Run with administrative rights Assignment: Required, recurring daily ``` #### Tanium Integration ```sql -- Tanium package deployment SELECT * FROM Packages WHERE Name LIKE '%Asset Collection%' -- Deploy to manufacturing systems DEPLOY Package="GE Asset Collection" TO ComputerGroup="Manufacturing Floor" ``` ## Configuration Management ### Dashboard URL Configuration #### Method 1: Environment Variable ```powershell # Set user environment variable [Environment]::SetEnvironmentVariable("ASSET_DASHBOARD_URL", "http://your-server/api.php", "User") # Set system environment variable (requires admin) [Environment]::SetEnvironmentVariable("ASSET_DASHBOARD_URL", "http://your-server/api.php", "Machine") ``` #### Method 2: Configuration File Create `dashboard-config.json`: ```json { "DashboardURL": "http://your-server/dashboard-v2/api.php", "Description": "Production Dashboard API Endpoint", "LastUpdated": "2025-09-06" } ``` #### Method 3: Command Line Parameter ```powershell .\Update-PC-CompleteAsset.ps1 -DashboardURL "http://your-server/api.php" ``` ### Advanced Configuration Options #### Skip Warranty Lookups (Default) ```powershell .\Update-PC-CompleteAsset.ps1 -SkipWarranty ``` #### Test Connections Only ```powershell .\Update-PC-CompleteAsset.ps1 -TestConnections ``` #### Custom Proxy Server ```powershell .\Update-PC-CompleteAsset.ps1 -ProxyURL "http://your-proxy/vendor-api-proxy.php" ``` ## Scheduling and Automation ### Windows Task Scheduler #### Create Scheduled Task ```xml 2025-01-01T06:00:00 1 HighestAvailable StopExisting false C:\Scripts\Update-PC-CompleteAsset-Silent.bat C:\Scripts ``` #### PowerShell Scheduled Task Creation ```powershell $action = New-ScheduledTaskAction -Execute "C:\Scripts\Update-PC-CompleteAsset-Silent.bat" -WorkingDirectory "C:\Scripts" $trigger = New-ScheduledTaskTrigger -Daily -At 6:00AM $principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest $settings = New-ScheduledTaskSettingsSet -MultipleInstances StopExisting Register-ScheduledTask -TaskName "GE Asset Collection" -Action $action -Trigger $trigger -Principal $principal -Settings $settings ``` ### Startup Script Integration ```batch REM Add to computer startup scripts REM Computer Configuration → Policies → Windows Settings → Scripts → Startup @echo off timeout 60 >nul 2>&1 cd /d "\\server\share\AssetScripts" call Update-PC-CompleteAsset-Silent.bat ``` ## Network Considerations ### Firewall Configuration ```powershell # Required outbound ports HTTP: TCP 80 (Dashboard API communication) HTTPS: TCP 443 (Secure dashboard API communication) DNS: UDP 53 (Name resolution) # Windows Firewall rule creation New-NetFirewallRule -DisplayName "Asset Collection HTTP" -Direction Outbound -Protocol TCP -LocalPort 80 -Action Allow New-NetFirewallRule -DisplayName "Asset Collection HTTPS" -Direction Outbound -Protocol TCP -LocalPort 443 -Action Allow ``` ### Proxy Server Configuration If corporate proxy required: ```powershell # System proxy configuration netsh winhttp set proxy proxy.corporate.com:8080 # PowerShell proxy configuration $proxy = New-Object System.Net.WebProxy("http://proxy.corporate.com:8080") [System.Net.WebRequest]::DefaultWebProxy = $proxy ``` ## Monitoring and Logging ### Execution Logging Scripts provide comprehensive console output with color-coded status: - 🟢 **Green**: Successful operations - 🟡 **Yellow**: Warnings and informational messages - 🔴 **Red**: Errors and failures - ⚫ **Gray**: Detailed debugging information ### Log File Creation ```powershell # Redirect output to log file .\Update-PC-CompleteAsset.ps1 | Tee-Object -FilePath "C:\Logs\AssetCollection-$(Get-Date -Format 'yyyyMMdd-HHmmss').log" ``` ### Centralized Monitoring Dashboard provides centralized view of: - Asset collection success/failure rates - Last update timestamps per system - Missing or outdated inventory data - Manufacturing configuration changes ## Troubleshooting Deployment Issues ### Common Issues and Solutions #### PowerShell Execution Policy ```powershell # Error: Execution of scripts is disabled on this system Set-ExecutionPolicy RemoteSigned -Scope CurrentUser # Verify change Get-ExecutionPolicy -List ``` #### Network Connectivity ```powershell # Test dashboard connectivity Test-NetConnection -ComputerName "10.48.130.197" -Port 80 # Test name resolution Resolve-DnsName "dashboard.manufacturing.local" # Manual connection test Update-PC-CompleteAsset.ps1 -TestConnections ``` #### Permission Issues ```powershell # Check current user permissions whoami /priv # Run as administrator Right-click → "Run as administrator" # Service account configuration # Configure service account with: # - Log on as a service right # - Local administrator membership # - Network access permissions ``` #### Registry Access Issues ```powershell # Check registry permissions # HKLM:\SOFTWARE\GE Aircraft Engines (Read access required) # HKLM:\SOFTWARE\WOW6432Node\GE Aircraft Engines (Read access required) # Error: Access denied reading registry # Solution: Run with administrator privileges or adjust registry permissions ``` ### Deployment Validation #### Success Verification ```powershell # Check dashboard API for recent data Invoke-RestMethod -Uri "http://dashboard/api.php?action=getDashboardData" -Method Get # Verify database entries # Check pc table for recent lastupdated timestamps # Check pc_dnc_config table for manufacturing data ``` #### Performance Monitoring ```powershell # Measure execution time Measure-Command { .\Update-PC-CompleteAsset.ps1 } # Typical execution times: # Standard PC: 15-30 seconds # Shopfloor PC: 45-90 seconds # Engineer PC: 20-40 seconds ``` ## Best Practices ### Deployment Staging 1. **Pilot Group**: Deploy to 5-10 test systems first 2. **Validation**: Verify data collection and dashboard integration 3. **Gradual Rollout**: Deploy to 25% of systems, monitor, then expand 4. **Full Deployment**: Complete rollout after successful validation ### Maintenance Windows - **Manufacturing Systems**: Deploy during scheduled maintenance windows - **Engineering Systems**: Deploy during off-hours or lunch breaks - **Standard Systems**: Deploy during normal business hours ### Change Management - **Documentation**: Maintain deployment logs and configuration changes - **Version Control**: Track script versions and configuration updates - **Rollback Planning**: Prepare rollback procedures for problematic deployments ### Security Considerations - **Script Integrity**: Use digital signatures for script validation - **Network Security**: Encrypt API communications where possible - **Access Control**: Limit script modification to authorized personnel - **Credential Management**: Never store credentials in scripts --- **Deployment guide designed for reliable, scalable, and secure rollout across enterprise manufacturing environments.**