================================================================================
LOGGING SUMMARY - ALL SCRIPTS
================================================================================

All scripts now automatically generate log files in:
S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\

Log files are created with naming format:
HOSTNAME-TIMESTAMP-SCRIPTTYPE.txt

================================================================================
LOG FILES GENERATED
================================================================================

1. Deploy-PCCertificate.bat
   Log File: HOSTNAME-YYYYMMDD-HHMMSS-CERT-DEPLOY.txt
   Contains:
   - Certificate import details
   - WinRM HTTPS listener creation
   - Firewall rule configuration
   - Network profile changes
   - Complete deployment status

2. Test-RemotePC-Debug.bat
   Log File: HOSTNAME-YYYYMMDD-HHMMSS-DEBUG.txt
   Contains:
   - WinRM service status
   - WinRM listeners (HTTP/HTTPS)
   - Port listening status (5985, 5986)
   - Firewall rules (with subnet restrictions)
   - Certificates in LocalMachine\My
   - WinRM configuration
   - Network information (hostname, FQDN, IPs)
   - Network profile (Public/Private/Domain)
   - Firewall profile status
   - Self-connectivity test

3. Fix-FirewallSubnet.bat
   Log File: HOSTNAME-YYYYMMDD-HHMMSS-FIREWALL-FIX.txt
   Contains:
   - Current firewall rule configuration
   - New subnet configuration
   - Firewall rule update results

4. Set-NetworkPrivate.bat
   Log File: HOSTNAME-YYYYMMDD-HHMMSS-NETWORK-PROFILE.txt
   Contains:
   - Current network profile status
   - Network profile changes (Public to Private)
   - WinRM service restart
   - Firewall rule updates

================================================================================
LOG FILE EXAMPLES
================================================================================

Deployment Log:
S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\G9KN7PZ3ESF-20251017-102912-CERT-DEPLOY.txt

Debug Log:
S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\G9KN7PZ3ESF-20251017-143022-DEBUG.txt

Firewall Fix Log:
S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\G9KN7PZ3ESF-20251017-150000-FIREWALL-FIX.txt

Network Profile Log:
S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\G9KN7PZ3ESF-20251017-151500-NETWORK-PROFILE.txt

================================================================================
ACCESSING LOG FILES
================================================================================

From Network Share:
  Navigate to: S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\
  Sort by date to see latest logs

From Command Line:
  dir S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\G9KN7PZ3ESF*.txt /od

From PowerShell:
  Get-ChildItem S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\G9KN7PZ3ESF*.txt |
      Sort-Object LastWriteTime -Descending |
      Select-Object -First 5

View Latest Log:
  Get-Content (Get-ChildItem S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\G9KN7PZ3ESF*.txt |
      Sort-Object LastWriteTime -Descending |
      Select-Object -First 1).FullName

================================================================================
TROUBLESHOOTING WITH LOGS
================================================================================

Problem: Deployment Failed
Action:
  1. Check: S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\HOSTNAME-*-CERT-DEPLOY.txt
  2. Look for [ERROR] messages
  3. Review certificate import, listener creation, firewall steps

Problem: Cannot Connect Remotely
Action:
  1. Run: Test-RemotePC-Debug.bat on the PC
  2. Check: S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\HOSTNAME-*-DEBUG.txt
  3. Review:
     - Port 5986 listening?
     - Firewall rule enabled?
     - Remote Address restrictions?
     - Network profile (Public vs Private)?
     - Certificate present?

Problem: Subnet Access Issues
Action:
  1. Check: S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\HOSTNAME-*-DEBUG.txt
  2. Look for "TEST 4: Firewall Rules" section
  3. Check "Remote Address" value
  4. If wrong, run Fix-FirewallSubnet.bat
  5. Check: S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\HOSTNAME-*-FIREWALL-FIX.txt

Problem: Public Network Profile Blocking
Action:
  1. Check: S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\HOSTNAME-*-DEBUG.txt
  2. Look for "TEST 8: Network Profile" section
  3. If "Public", run Set-NetworkPrivate.bat
  4. Check: S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\HOSTNAME-*-NETWORK-PROFILE.txt

================================================================================
LOG RETENTION
================================================================================

Logs are stored indefinitely in S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\

To clean up old logs (after troubleshooting):

  Delete logs older than 30 days:
  forfiles /p "S:\DT\ADATA\SCRIPT\DEPLOY\LOGS" /m *.txt /d -30 /c "cmd /c del @path"

  Or keep only last 100 logs per PC:
  Get-ChildItem S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\*.txt |
      Group-Object {$_.Name.Split('-')[0]} |
      ForEach-Object {
          $_.Group | Sort-Object LastWriteTime -Descending |
          Select-Object -Skip 100 |
          Remove-Item
      }

================================================================================
LOG FILE PERMISSIONS
================================================================================

Required Permissions:
  - Domain Computers: READ/WRITE access to S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\
  - This allows PCs to create and write log files

Verify Permissions:
  icacls S:\DT\ADATA\SCRIPT\DEPLOY\LOGS

Grant Permissions (if needed):
  icacls S:\DT\ADATA\SCRIPT\DEPLOY\LOGS /grant "Domain Computers:(OI)(CI)M" /T

================================================================================
MONITORING DEPLOYMENTS
================================================================================

Track All Deployments:
  Get-ChildItem S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\*-CERT-DEPLOY.txt |
      Select-Object Name, LastWriteTime |
      Sort-Object LastWriteTime -Descending

Check Success/Failure:
  Get-ChildItem S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\*-CERT-DEPLOY.txt |
      ForEach-Object {
          $content = Get-Content $_.FullName -Raw
          [PSCustomObject]@{
              PC = $_.Name.Split('-')[0]
              Time = $_.LastWriteTime
              Status = if($content -match '\[SUCCESS\]'){'Success'}else{'Failed'}
          }
      } | Format-Table -AutoSize

Recent Deployments (Last 24 Hours):
  Get-ChildItem S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\*-CERT-DEPLOY.txt |
      Where-Object {$_.LastWriteTime -gt (Get-Date).AddHours(-24)} |
      Select-Object Name, LastWriteTime

================================================================================
SUMMARY
================================================================================

✓ All scripts log to: S:\DT\ADATA\SCRIPT\DEPLOY\LOGS\
✓ Unique log files per execution (timestamped)
✓ Different log types for different operations:
  - CERT-DEPLOY: Deployment logs
  - DEBUG: Diagnostic logs
  - FIREWALL-FIX: Firewall configuration logs
  - NETWORK-PROFILE: Network profile change logs
✓ Logs contain complete execution details
✓ Easy to search and troubleshoot
✓ Centralized logging for all 175 PCs

Use logs to:
  - Track deployment progress
  - Troubleshoot connection issues
  - Verify configurations
  - Document changes

================================================================================