62c0c7bb06
Structure: - asset-collection/: Local PC data collection scripts - remote-execution/: WinRM remote execution scripts - setup-utilities/: Configuration and testing utilities - registry-backup/: GE registry backup scripts - winrm-https/: WinRM HTTPS certificate setup - docs/: Complete documentation Each folder includes a README with detailed documentation. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
10 KiB
10 KiB
Deployment Guide
Deployment Overview
The GE Manufacturing Asset Management Scripts support multiple deployment strategies for enterprise manufacturing environments, from single-PC execution to large-scale automated rollouts across hundreds of manufacturing systems.
Prerequisites
System Requirements
- Operating System: Windows 10/11, Windows Server 2016+
- PowerShell: Version 5.1 or later
- Execution Policy: RemoteSigned or Unrestricted
- Network Access: HTTP connectivity to dashboard API
- Permissions: Administrator rights recommended
Environment Preparation
# Check PowerShell version
$PSVersionTable.PSVersion
# Check execution policy
Get-ExecutionPolicy
# Set execution policy (if needed)
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
Deployment Methods
Method 1: Single PC Deployment
Quick Start (Recommended)
# 1. Initial setup (run once)
00-RUN-ME-FIRST.bat
# 2. Execute data collection
Update-PC-CompleteAsset.bat
Manual PowerShell Execution
# Navigate to script directory
cd C:\Path\To\Scripts
# Unblock scripts (security)
Unblock-File .\*.ps1
# Execute main script
.\Update-PC-CompleteAsset.ps1
Silent Execution (Scheduled Tasks)
# For automated/scheduled execution
Update-PC-CompleteAsset-Silent.bat
Method 2: Multiple PC Deployment
Computer List Configuration
Edit computers.txt with target systems:
# Hostnames
H123EXAMPLE
G456MACHINE
SHOPFLOOR-PC-01
# IP Addresses
192.168.1.100
192.168.1.101
# Fully Qualified Domain Names
machine01.manufacturing.local
cnc-cell-02.shop.local
Enhanced Batch Deployment
# Execute on multiple systems
Deploy-To-Multiple-PCs-Enhanced.bat
Features:
- Parallel execution for faster deployment
- Individual system success/failure tracking
- Comprehensive logging and reporting
- Network connectivity pre-checks
PsExec Remote Deployment
# Enterprise remote execution
Deploy-With-PsExec.bat
Requirements:
- PsExec.exe in system PATH or script directory
- Administrative credentials for target systems
- SMB/RPC connectivity to target machines
Method 3: Enterprise Integration
Group Policy Deployment
- Copy Scripts: Place in network share accessible to all target computers
- Create GPO: New Group Policy Object for computer configuration
- Add Startup Script: Computer Configuration → Policies → Windows Settings → Scripts → Startup
- Configure Path: Point to network share location of
Update-PC-CompleteAsset.bat - Apply to OUs: Link GPO to appropriate Organizational Units
SCCM/ConfigMgr Integration
# Package creation parameters
Package Name: GE Manufacturing Asset Collection
Program Command Line: Update-PC-CompleteAsset-Silent.bat
Run Mode: Run with administrative rights
Assignment: Required, recurring daily
Tanium Integration
-- Tanium package deployment
SELECT * FROM Packages WHERE Name LIKE '%Asset Collection%'
-- Deploy to manufacturing systems
DEPLOY Package="GE Asset Collection" TO ComputerGroup="Manufacturing Floor"
Configuration Management
Dashboard URL Configuration
Method 1: Environment Variable
# Set user environment variable
[Environment]::SetEnvironmentVariable("ASSET_DASHBOARD_URL", "http://your-server/api.php", "User")
# Set system environment variable (requires admin)
[Environment]::SetEnvironmentVariable("ASSET_DASHBOARD_URL", "http://your-server/api.php", "Machine")
Method 2: Configuration File
Create dashboard-config.json:
{
"DashboardURL": "http://your-server/dashboard-v2/api.php",
"Description": "Production Dashboard API Endpoint",
"LastUpdated": "2025-09-06"
}
Method 3: Command Line Parameter
.\Update-PC-CompleteAsset.ps1 -DashboardURL "http://your-server/api.php"
Advanced Configuration Options
Skip Warranty Lookups (Default)
.\Update-PC-CompleteAsset.ps1 -SkipWarranty
Test Connections Only
.\Update-PC-CompleteAsset.ps1 -TestConnections
Custom Proxy Server
.\Update-PC-CompleteAsset.ps1 -ProxyURL "http://your-proxy/vendor-api-proxy.php"
Scheduling and Automation
Windows Task Scheduler
Create Scheduled Task
<?xml version="1.0" encoding="UTF-16"?>
<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<Triggers>
<CalendarTrigger>
<StartBoundary>2025-01-01T06:00:00</StartBoundary>
<ScheduleByDay>
<DaysInterval>1</DaysInterval>
</ScheduleByDay>
</CalendarTrigger>
</Triggers>
<Principals>
<Principal>
<RunLevel>HighestAvailable</RunLevel>
</Principal>
</Principals>
<Settings>
<MultipleInstancesPolicy>StopExisting</MultipleInstancesPolicy>
<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
</Settings>
<Actions>
<Exec>
<Command>C:\Scripts\Update-PC-CompleteAsset-Silent.bat</Command>
<WorkingDirectory>C:\Scripts</WorkingDirectory>
</Exec>
</Actions>
</Task>
PowerShell Scheduled Task Creation
$action = New-ScheduledTaskAction -Execute "C:\Scripts\Update-PC-CompleteAsset-Silent.bat" -WorkingDirectory "C:\Scripts"
$trigger = New-ScheduledTaskTrigger -Daily -At 6:00AM
$principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest
$settings = New-ScheduledTaskSettingsSet -MultipleInstances StopExisting
Register-ScheduledTask -TaskName "GE Asset Collection" -Action $action -Trigger $trigger -Principal $principal -Settings $settings
Startup Script Integration
REM Add to computer startup scripts
REM Computer Configuration → Policies → Windows Settings → Scripts → Startup
@echo off
timeout 60 >nul 2>&1
cd /d "\\server\share\AssetScripts"
call Update-PC-CompleteAsset-Silent.bat
Network Considerations
Firewall Configuration
# Required outbound ports
HTTP: TCP 80 (Dashboard API communication)
HTTPS: TCP 443 (Secure dashboard API communication)
DNS: UDP 53 (Name resolution)
# Windows Firewall rule creation
New-NetFirewallRule -DisplayName "Asset Collection HTTP" -Direction Outbound -Protocol TCP -LocalPort 80 -Action Allow
New-NetFirewallRule -DisplayName "Asset Collection HTTPS" -Direction Outbound -Protocol TCP -LocalPort 443 -Action Allow
Proxy Server Configuration
If corporate proxy required:
# System proxy configuration
netsh winhttp set proxy proxy.corporate.com:8080
# PowerShell proxy configuration
$proxy = New-Object System.Net.WebProxy("http://proxy.corporate.com:8080")
[System.Net.WebRequest]::DefaultWebProxy = $proxy
Monitoring and Logging
Execution Logging
Scripts provide comprehensive console output with color-coded status:
- 🟢 Green: Successful operations
- 🟡 Yellow: Warnings and informational messages
- 🔴 Red: Errors and failures
- ⚫ Gray: Detailed debugging information
Log File Creation
# Redirect output to log file
.\Update-PC-CompleteAsset.ps1 | Tee-Object -FilePath "C:\Logs\AssetCollection-$(Get-Date -Format 'yyyyMMdd-HHmmss').log"
Centralized Monitoring
Dashboard provides centralized view of:
- Asset collection success/failure rates
- Last update timestamps per system
- Missing or outdated inventory data
- Manufacturing configuration changes
Troubleshooting Deployment Issues
Common Issues and Solutions
PowerShell Execution Policy
# Error: Execution of scripts is disabled on this system
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
# Verify change
Get-ExecutionPolicy -List
Network Connectivity
# Test dashboard connectivity
Test-NetConnection -ComputerName "10.48.130.197" -Port 80
# Test name resolution
Resolve-DnsName "dashboard.manufacturing.local"
# Manual connection test
Update-PC-CompleteAsset.ps1 -TestConnections
Permission Issues
# Check current user permissions
whoami /priv
# Run as administrator
Right-click → "Run as administrator"
# Service account configuration
# Configure service account with:
# - Log on as a service right
# - Local administrator membership
# - Network access permissions
Registry Access Issues
# Check registry permissions
# HKLM:\SOFTWARE\GE Aircraft Engines (Read access required)
# HKLM:\SOFTWARE\WOW6432Node\GE Aircraft Engines (Read access required)
# Error: Access denied reading registry
# Solution: Run with administrator privileges or adjust registry permissions
Deployment Validation
Success Verification
# Check dashboard API for recent data
Invoke-RestMethod -Uri "http://dashboard/api.php?action=getDashboardData" -Method Get
# Verify database entries
# Check pc table for recent lastupdated timestamps
# Check pc_dnc_config table for manufacturing data
Performance Monitoring
# Measure execution time
Measure-Command { .\Update-PC-CompleteAsset.ps1 }
# Typical execution times:
# Standard PC: 15-30 seconds
# Shopfloor PC: 45-90 seconds
# Engineer PC: 20-40 seconds
Best Practices
Deployment Staging
- Pilot Group: Deploy to 5-10 test systems first
- Validation: Verify data collection and dashboard integration
- Gradual Rollout: Deploy to 25% of systems, monitor, then expand
- Full Deployment: Complete rollout after successful validation
Maintenance Windows
- Manufacturing Systems: Deploy during scheduled maintenance windows
- Engineering Systems: Deploy during off-hours or lunch breaks
- Standard Systems: Deploy during normal business hours
Change Management
- Documentation: Maintain deployment logs and configuration changes
- Version Control: Track script versions and configuration updates
- Rollback Planning: Prepare rollback procedures for problematic deployments
Security Considerations
- Script Integrity: Use digital signatures for script validation
- Network Security: Encrypt API communications where possible
- Access Control: Limit script modification to authorized personnel
- Credential Management: Never store credentials in scripts
Deployment guide designed for reliable, scalable, and secure rollout across enterprise manufacturing environments.