ge-aerospace/pxe-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Phase 1 stays "in progress" until Report IP log appears

Browse Source 
Monitor on-screen Phase 1 row used to show COMPLETE the instant AAD
join + Intune enroll + EmTask + baseline policies (>=15 subkeys) all
hit. That's misleading: the bay isn't actually registration-clean
until GE's Proactive Remediation Report IP script has fired on
WiFi-only and dropped C:\Logs\GE_Report_IP_Address*.txt. Without
that log, the SFLD ConfigurationProfile assignment filter still sees
a leaked 10.9.100.x IP and Phase 2 won't unblock.

Add reportIpDone to both the p1Done gate and the Get-PhaseStatus
input list so the on-screen Intune Registration row stays IN PROGRESS
until the file lands. Matches the dashboard side: idx=7 push is
already gated on the same file.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
cproudlock
2026-05-13 18:11:36 -04:00
parent d87be4c40d
commit 2bfb2522c7
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
playbook/shopfloor-setup/Shopfloor/lib/Monitor-IntuneProgress.ps1
View File

@@ -811,13 +811,21 @@ function Format-Snapshot {
# not just "arriving". Stops the category prompt firing pre-first-reboot # not just "arriving". Stops the category prompt firing pre-first-reboot
# when only ~4 subkeys are present (we tested this empirically; clicking # when only ~4 subkeys are present (we tested this empirically; clicking
# "assign category" at 4 subkeys = imaging stalls + re-image required). # "assign category" at 4 subkeys = imaging stalls + re-image required).
# Report IP log presence is part of Phase 1 completion. Without that log
# we know GE's Proactive-Remediation script hasn't fired on WiFi-only
# yet, which means the SFLD ConfigurationProfile assignment filter still
# sees a leaked 10.9.100.x IP and Phase 2 won't unblock. Don't call
# registration "done" until Report IP has cleared.
$reportIpDone = [bool](Get-ChildItem -Path 'C:\Logs\GE_Report_IP_Address*.txt' -ErrorAction SilentlyContinue | Select-Object -First 1)
$p1Done = ($Snap.Phase1.AzureAdJoined -and $Snap.Phase1.IntuneEnrolled -and $p1Done = ($Snap.Phase1.AzureAdJoined -and $Snap.Phase1.IntuneEnrolled -and
$Snap.Phase1.EmTaskExists -and $Snap.Phase1.PoliciesBaselineReady) $Snap.Phase1.EmTaskExists -and $Snap.Phase1.PoliciesBaselineReady -and
$reportIpDone)
$p1Status = Get-PhaseStatus @( $p1Status = Get-PhaseStatus @(
@{ Ok = $Snap.Phase1.AzureAdJoined; Failed = $false }, @{ Ok = $Snap.Phase1.AzureAdJoined; Failed = $false },
@{ Ok = $Snap.Phase1.IntuneEnrolled; Failed = $false }, @{ Ok = $Snap.Phase1.IntuneEnrolled; Failed = $false },
@{ Ok = $Snap.Phase1.EmTaskExists; Failed = $false }, @{ Ok = $Snap.Phase1.EmTaskExists; Failed = $false },
@{ Ok = $Snap.Phase1.PoliciesBaselineReady; Failed = $false } @{ Ok = $Snap.Phase1.PoliciesBaselineReady; Failed = $false },
@{ Ok = $reportIpDone; Failed = $false }
) )
# Phase 6 / Lockdown (shared by both flows, rendered last). # Phase 6 / Lockdown (shared by both flows, rendered last).