Files

cproudlock 62c0c7bb06 Initial commit: Organized PowerShell scripts for ShopDB asset collection

Structure:
- asset-collection/: Local PC data collection scripts
- remote-execution/: WinRM remote execution scripts
- setup-utilities/: Configuration and testing utilities
- registry-backup/: GE registry backup scripts
- winrm-https/: WinRM HTTPS certificate setup
- docs/: Complete documentation

Each folder includes a README with detailed documentation.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2025-12-10 10:57:54 -05:00

16 KiB

Raw Blame History

PowerShell Scripts Reference

Complete documentation for all scripts in this repository.

Last Updated: 2025-12-10

Repository Structure

powershell-scripts/
├── asset-collection/       # Local PC data collection scripts
├── remote-execution/       # Remote WinRM execution scripts
├── setup-utilities/        # Configuration and testing
├── registry-backup/        # GE registry backup
├── winrm-https/           # WinRM HTTPS/certificate setup
└── docs/                  # Documentation

Asset Collection Scripts (asset-collection/)
Remote Execution Scripts (remote-execution/)
Setup & Utility Scripts (setup-utilities/)
Registry Backup Scripts (registry-backup/)
WinRM HTTPS Scripts (winrm-https/)

Asset Collection Scripts

Location: asset-collection/

Update-PC-CompleteAsset.ps1

Purpose: Primary script for comprehensive PC asset data collection and database storage.

What It Does:

Collects system information (hostname, serial number, manufacturer, model)
Determines PC type (Engineer/Shopfloor/Standard/Measuring)
Collects network interface configurations
For shopfloor PCs: Collects DNC/machine configurations from GE registry
Optionally retrieves Dell warranty information via proxy
Sends all data to ShopDB API for storage

Parameters:

Parameter	Default	Description
`-ProxyURL`	`http://10.48.130.158/vendor-api-proxy.php`	Warranty API proxy server
`-DashboardURL`	`https://tsgwp00525.rd.ds.ge.com/shopdb/api.asp`	ShopDB API endpoint
`-SkipWarranty`	`$true`	Skip warranty lookups (enabled by default)
`-TestConnections`	`$false`	Test API connectivity without collecting data

Usage:

# Standard execution (run as administrator)
.\Update-PC-CompleteAsset.ps1

# Test connectivity only
.\Update-PC-CompleteAsset.ps1 -TestConnections

# With warranty lookup enabled
.\Update-PC-CompleteAsset.ps1 -SkipWarranty:$false

Requires: Administrator privileges for full data collection

Get-ShopfloorConfig.ps1

Purpose: Library of functions for collecting shopfloor-specific configurations.

What It Does:

Enumerates all network interfaces and their configurations
Detects "machine networks" (192.168.x.x subnets)
Collects serial port (COM) configurations
Extracts DNC settings from GE Aircraft Engines registry
Analyzes DualPath configurations for multi-machine setups

Key Functions:

Function	Description
`Get-NetworkInterfaceConfig`	Collects all network adapter information
`Get-SerialPortConfig`	Enumerates COM port configurations
`Get-DNCConfig`	Extracts DNC registry settings
`Get-GERegistryConfig`	Reads GE Aircraft Engines registry keys

Note: This script is sourced (dot-sourced) by Update-PC-CompleteAsset.ps1 and not run directly.

Update-PC-Minimal.ps1

Purpose: Lightweight asset collection for locked-down PCs with restricted permissions.

What It Does:

Collects basic system info without requiring admin privileges
Uses only non-elevated WMI/CIM queries
Detects PC-DMIS software for measuring machine classification
Sends minimal data to ShopDB API

When to Use:

PCs where users cannot run as administrator
Measuring machines with restricted permissions
Quick data collection without full registry access

Usage:

.\Update-PC-Minimal.ps1

Requires: No elevated privileges (runs as standard user)

Backup-GERegistry.ps1

Purpose: Backs up GE Aircraft Engines registry keys for disaster recovery and auditing.

What It Does:

Exports registry keys from both 32-bit and 64-bit locations
Creates backup files named with machine number and serial number
Saves to network share for centralized backup storage

Parameters:

Parameter	Default	Description
`-BackupPath`	`S:\DT\cameron\scan\backup\reg`	Network path for backup files
`-Silent`	`$false`	Suppress console output

Backup Locations:

HKLM:\Software\GE Aircraft Engines
HKLM:\Software\WOW6432Node\GE Aircraft Engines

Output Filename Format: [machinenumber-]serialnumber-YYYY-MM-DD.reg

Usage:

# Interactive backup
.\Backup-GERegistry.ps1

# Silent backup (for scheduled tasks)
.\Backup-GERegistry.ps1 -Silent

Remote Execution Scripts

Invoke-RemoteAssetCollection.ps1

Purpose: Remotely executes asset collection on multiple PCs via WinRM (HTTP).

What It Does:

Establishes WinRM connections to target PCs
Executes Update-PC-CompleteAsset.ps1 remotely
Collects and logs results from each PC
Supports parallel execution for efficiency

Parameters:

Parameter	Default	Description
`-ComputerList`	-	Array of computer names/IPs
`-ComputerListFile`	-	Path to text file with computer list
`-Credential`	-	PSCredential for authentication
`-MaxConcurrent`	`5`	Maximum parallel sessions
`-TestConnections`	`$false`	Test connectivity only
`-ScriptPath`	`C:\Scripts\Update-PC-CompleteAsset.ps1`	Path to script on remote PCs

Prerequisites:

WinRM enabled on target PCs (Enable-PSRemoting -Force)
Admin credentials for remote PCs
Port 5985 (HTTP) open

Usage:

# From file with prompted credentials
.\Invoke-RemoteAssetCollection.ps1 -ComputerListFile ".\shopfloor-pcs.txt"

# Specific computers with stored credentials
$cred = Get-Credential
.\Invoke-RemoteAssetCollection.ps1 -ComputerList @("PC001","PC002") -Credential $cred

# Test connections only
.\Invoke-RemoteAssetCollection.ps1 -ComputerList @("PC001") -TestConnections

Requires: Administrator privileges, WinRM access to targets

Invoke-RemoteAssetCollection-HTTPS.ps1

Purpose: Secure remote asset collection via WinRM over HTTPS (port 5986).

What It Does: Same as Invoke-RemoteAssetCollection.ps1 but uses:

HTTPS/TLS encryption for secure communication
Wildcard certificates for domain-wide deployment
Automatic FQDN construction from hostnames

Parameters:

Parameter	Default	Description
`-HostnameList`	-	Array of hostnames (without domain)
`-HostnameListFile`	-	Path to text file with hostnames
`-Domain`	-	Domain suffix (e.g., "logon.ds.ge.com")
`-Port`	`5986`	HTTPS port
`-SkipCertificateCheck`	`$false`	Skip SSL validation (not recommended)

Usage:

# With domain suffix
.\Invoke-RemoteAssetCollection-HTTPS.ps1 -HostnameList @("PC001","PC002") -Domain "logon.ds.ge.com"

# From file
.\Invoke-RemoteAssetCollection-HTTPS.ps1 -HostnameListFile ".\hostnames.txt" -Domain "logon.ds.ge.com"

Requires: WinRM HTTPS configured on targets (see winrm-https folder)

Update-ShopfloorPCs-Remote.ps1

Purpose: Query ShopDB for all shopfloor PCs and update them remotely.

What It Does:

Queries ShopDB API for list of all shopfloor PCs
Establishes WinRM connections to each PC
Collects system info remotely and POSTs to API
Logs success/failure for each PC

Parameters:

Parameter	Default	Description
`-ComputerName`	-	Specific PC(s) to update
`-All`	`$false`	Update all shopfloor PCs from ShopDB
`-SetupTrustedHosts`	`$false`	Configure WinRM trusted hosts
`-Credential`	-	PSCredential for authentication
`-ApiUrl`	`https://tsgwp00525.rd.ds.ge.com/shopdb/api.asp`	ShopDB API URL

Usage:

# Update all shopfloor PCs
.\Update-ShopfloorPCs-Remote.ps1 -All

# Update specific PCs
.\Update-ShopfloorPCs-Remote.ps1 -ComputerName "PC001","PC002"

# Setup trusted hosts first
.\Update-ShopfloorPCs-Remote.ps1 -SetupTrustedHosts

Configuration & Setup Scripts

Setup-WinRM.ps1

Purpose: Configures WinRM on the management server for remote asset collection.

What It Does:

Enables WinRM service
Configures trusted hosts for remote connections
Sets up HTTP listener on port 5985
Tests connectivity to specified computers

Parameters:

Parameter	Default	Description
`-TrustedHosts`	`""`	Comma-separated list of trusted hosts (use "*" for all)
`-TestConnection`	`@()`	Array of computers to test after setup

Usage:

# Trust all hosts (less secure, simpler)
.\Setup-WinRM.ps1 -TrustedHosts "*"

# Trust specific IPs
.\Setup-WinRM.ps1 -TrustedHosts "10.48.130.100,10.48.130.101"

# Setup and test
.\Setup-WinRM.ps1 -TrustedHosts "*" -TestConnection @("10.48.130.100")

Requires: Administrator privileges

Install-AssetCollectionSchedule.ps1

Purpose: Creates a Windows scheduled task for automated asset collection.

What It Does:

Creates scheduled task running 4 times daily (6:00, 12:00, 18:00, 00:00)
Configures silent execution (no window popup)
Runs as SYSTEM account
Handles battery/network conditions appropriately

Parameters:

Parameter	Default	Description
`-ScriptPath`	`S:\DT\adata\script\Update-PC-CompleteAsset-Silent.bat`	Path to batch file
`-TaskName`	`"GE Asset Collection"`	Name for scheduled task

Usage:

# Install with defaults
.\Install-AssetCollectionSchedule.ps1

# Custom script path
.\Install-AssetCollectionSchedule.ps1 -ScriptPath "C:\Scripts\Update-PC-CompleteAsset-Silent.bat"

Requires: Administrator privileges

Utility Scripts

Test-API-Connection.ps1

Purpose: Tests connectivity and functionality of the ShopDB API.

What It Does:

Tests basic API connectivity
Tests INSERT operation (creates test PC record)
Tests UPDATE operation (modifies test record)
Tests DELETE operation (cleans up test record)
Reports success/failure for each operation

Parameters:

Parameter	Default	Description
`-DashboardURL`	`http://192.168.122.151:8080/api.asp`	API endpoint to test

Usage:

# Test development API
.\Test-API-Connection.ps1

# Test production API
.\Test-API-Connection.ps1 -DashboardURL "https://production-server/shopdb/api.asp"

Get-InstalledApps.ps1

Purpose: Collects list of installed applications from a PC.

What It Does:

Queries registry for installed programs
Returns application names and versions
Used for software inventory in ShopDB

Usage:

.\Get-InstalledApps.ps1

Batch File Launchers

Update-PC-CompleteAsset.bat

Standard launcher - opens PowerShell window with output visible.

Update-PC-CompleteAsset-Silent.bat

Silent launcher - runs hidden, suitable for scheduled tasks.

Update-PC-Minimal.bat

Launcher for minimal collection script.

Run-RemoteCollection.bat

Launcher for remote collection script.

Get-InstalledApps.bat

Launcher for application inventory script.

Run-GetInstalledApps.bat

Alternative launcher for application inventory.

WinRM HTTPS Scripts

Located in winrm-https/ folder. These scripts configure secure WinRM over HTTPS.

Key Scripts:

Script	Purpose
`Setup-WinRM-HTTPS.ps1`	Configure WinRM HTTPS on target PCs
`Create-CertificateAuthority.ps1`	Create internal CA for certificates
`Sign-PCCertificate.ps1`	Sign individual PC certificates
`Sign-BulkPCCertificates.ps1`	Sign certificates for multiple PCs
`Configure-WinRM-Client.ps1`	Configure client for HTTPS connections
`Test-WinRM-HTTPS-Setup.ps1`	Verify HTTPS configuration
`Test-ShopfloorPC.ps1`	Test connectivity to shopfloor PC

Documentation:

Document	Description
`README.md`	Overview and quick start
`CA-APPROACH-GUIDE.md`	Certificate Authority setup guide
`GETTING_STARTED.md`	Step-by-step initial setup
`NETWORK_SHARE_DEPLOYMENT.md`	Deploying via network share
`SECURE_CREDENTIAL_MANAGEMENT.md`	Credential security best practices
`TROUBLESHOOTING_CERTIFICATE_GENERATION.md`	Certificate troubleshooting

Architecture Overview

┌─────────────────────────────────────────────────────────────────┐
│                     Management Server                            │
│  ┌──────────────────────────────────────────────────────────┐   │
│  │  Invoke-RemoteAssetCollection.ps1                        │   │
│  │  Invoke-RemoteAssetCollection-HTTPS.ps1                  │   │
│  │  Update-ShopfloorPCs-Remote.ps1                          │   │
│  └──────────────────────┬───────────────────────────────────┘   │
└─────────────────────────┼───────────────────────────────────────┘
                          │ WinRM (5985/5986)
                          ▼
┌─────────────────────────────────────────────────────────────────┐
│                     Shopfloor PCs                                │
│  ┌──────────────────────────────────────────────────────────┐   │
│  │  Update-PC-CompleteAsset.ps1                             │   │
│  │  Get-ShopfloorConfig.ps1                                 │   │
│  │  Backup-GERegistry.ps1                                   │   │
│  └──────────────────────┬───────────────────────────────────┘   │
└─────────────────────────┼───────────────────────────────────────┘
                          │ HTTPS
                          ▼
┌─────────────────────────────────────────────────────────────────┐
│                     ShopDB API Server                            │
│  ┌──────────────────────────────────────────────────────────┐   │
│  │  api.asp (IIS)  →  MySQL Database                        │   │
│  └──────────────────────────────────────────────────────────┘   │
└─────────────────────────────────────────────────────────────────┘

Quick Reference

Run asset collection on local PC:

Update-PC-CompleteAsset.bat

Run silent collection (for scheduled tasks):

Update-PC-CompleteAsset-Silent.bat

Collect from all shopfloor PCs remotely:

.\Update-ShopfloorPCs-Remote.ps1 -All

Test API connectivity:

.\Test-API-Connection.ps1

Setup scheduled collection:

.\Install-AssetCollectionSchedule.ps1

Repository: http://localhost:3000/cproudlock/powershell-scripts

16 KiB Raw Blame History

PowerShell Scripts Reference

Repository Structure

Table of Contents

Asset Collection Scripts

Update-PC-CompleteAsset.ps1

Get-ShopfloorConfig.ps1

Update-PC-Minimal.ps1

Backup-GERegistry.ps1

Remote Execution Scripts

Invoke-RemoteAssetCollection.ps1

Invoke-RemoteAssetCollection-HTTPS.ps1

Update-ShopfloorPCs-Remote.ps1

Configuration & Setup Scripts

Setup-WinRM.ps1

Install-AssetCollectionSchedule.ps1

Utility Scripts

Test-API-Connection.ps1

Get-InstalledApps.ps1

Batch File Launchers

Update-PC-CompleteAsset.bat

Update-PC-CompleteAsset-Silent.bat

Update-PC-Minimal.bat

Run-RemoteCollection.bat

Get-InstalledApps.bat

Run-GetInstalledApps.bat

WinRM HTTPS Scripts

Key Scripts:

Documentation:

Architecture Overview

Quick Reference

Run asset collection on local PC:

Run silent collection (for scheduled tasks):

Collect from all shopfloor PCs remotely:

Test API connectivity:

Setup scheduled collection:

16 KiB

Raw Blame History