From 3ea20b271e261da49f655885956d371eb96cbf49 Mon Sep 17 00:00:00 2001 From: cproudlock Date: Sat, 11 Apr 2026 14:25:41 -0400 Subject: [PATCH] Shopfloor unattend: fix tower (no-WiFi) hang on internet wait FlatUnattendW10-shopfloor.xml Orders 4 and 5 hung forever on desktops/towers with no WiFi NIC. Two underlying bugs: 1. Order 4 used Test-Connection (ICMP) against login.microsoftonline.us. Microsoft 365 endpoints do not reliably respond to ICMP, so even with working TCP 443 internet the ping loop ran forever. Symptom on a user-facing machine was the PowerShell window permanently stuck on "Waiting for internet connectivity...". 2. Order 5 unconditionally disabled all wired adapters and waited for WiFi internet. On a tower with no WiFi NIC this left the machine completely offline, and the following while loop waited for a WiFi connection that could never happen. Fixes: - Order 4 now emits a 60s interactive prompt asking the user to connect to the production network (so towers have a window to unplug PXE and plug into a production port), then uses Test-NetConnection -Port 443 with a 10 min hard timeout so the loop always exits. - Order 5 checks for a physical WiFi adapter first; if none exists (tower case), it logs "No WiFi adapter - staying on ethernet" and returns immediately instead of disabling wired. If WiFi is present and migration times out, wired adapters are re-enabled as a fallback so the machine is never left offline. Both orders now use Test-NetConnection -Port 443 instead of Test-Connection (ICMP) so ICMP-blocking firewalls and non-responsive cloud endpoints no longer produce infinite waits. Co-Authored-By: Claude Opus 4.6 (1M context) --- playbook/FlatUnattendW10-shopfloor.xml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/playbook/FlatUnattendW10-shopfloor.xml b/playbook/FlatUnattendW10-shopfloor.xml index 4de6e7a..1678d8e 100644 --- a/playbook/FlatUnattendW10-shopfloor.xml +++ b/playbook/FlatUnattendW10-shopfloor.xml @@ -156,13 +156,13 @@ 4 - powershell.exe -ExecutionPolicy Bypass -Command "Write-Host 'Waiting for internet connectivity...'; while (-not (Test-Connection -ComputerName login.microsoftonline.us -Count 1 -Quiet -ErrorAction SilentlyContinue)) { Start-Sleep -Seconds 5 }; Write-Host 'Internet connected.'" - Wait for internet connectivity + powershell.exe -ExecutionPolicy Bypass -Command "Write-Host ''; Write-Host '========================================' -ForegroundColor Yellow; Write-Host ' Connect to PRODUCTION network NOW' -ForegroundColor Yellow; Write-Host ' Towers: unplug PXE, plug into production' -ForegroundColor Yellow; Write-Host ' Laptops: WiFi should already be connected' -ForegroundColor Yellow; Write-Host '========================================' -ForegroundColor Yellow; Write-Host ''; Write-Host 'Auto-continuing in 60s (press any key to skip)...' -ForegroundColor Cyan; $end=(Get-Date).AddSeconds(60); while ((Get-Date) -lt $end) { if ($Host.UI.RawUI.KeyAvailable) { $null = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown'); break }; Start-Sleep -Milliseconds 500 }; Write-Host 'Waiting for internet connectivity (up to 10 min)...'; $end2=(Get-Date).AddMinutes(10); $ok=$false; while ((Get-Date) -lt $end2) { if (Test-NetConnection -ComputerName login.microsoftonline.us -Port 443 -InformationLevel Quiet -WarningAction SilentlyContinue) { $ok=$true; break }; Start-Sleep -Seconds 5 }; if ($ok) { Write-Host 'Internet connected.' -ForegroundColor Green } else { Write-Host 'Internet wait timeout - proceeding anyway.' -ForegroundColor Yellow }" + Prompt to connect production network, then wait for TCP 443 to login.microsoftonline.us (with 10 min timeout). Uses Test-NetConnection -Port 443 not Test-Connection because Microsoft 365 endpoints do not reliably respond to ICMP. 5 - powershell.exe -ExecutionPolicy Bypass -Command "Get-NetAdapter -Physical | Where-Object { $_.InterfaceDescription -notmatch 'Wi-Fi|Wireless' } | Disable-NetAdapter -Confirm:$false; while (-not (Test-Connection -ComputerName login.microsoftonline.us -Count 1 -Quiet -ErrorAction SilentlyContinue)) { Start-Sleep -Seconds 5 }; Write-Host 'Internet confirmed over WiFi.'" - Disable wired adapters and wait for WiFi internet + powershell.exe -ExecutionPolicy Bypass -Command "$wifi = Get-NetAdapter -Physical -ErrorAction SilentlyContinue | Where-Object { $_.InterfaceDescription -match 'Wi-Fi|Wireless' }; if (-not $wifi) { Write-Host 'No WiFi adapter - staying on ethernet.' -ForegroundColor Cyan; exit 0 }; Get-NetAdapter -Physical | Where-Object { $_.InterfaceDescription -notmatch 'Wi-Fi|Wireless' } | Disable-NetAdapter -Confirm:$false; $end=(Get-Date).AddMinutes(5); $ok=$false; while ((Get-Date) -lt $end) { if (Test-NetConnection -ComputerName login.microsoftonline.us -Port 443 -InformationLevel Quiet -WarningAction SilentlyContinue) { $ok=$true; break }; Start-Sleep -Seconds 5 }; if ($ok) { Write-Host 'Internet confirmed over WiFi.' -ForegroundColor Green } else { Write-Host 'WiFi internet timeout - re-enabling ethernet.' -ForegroundColor Yellow; Get-NetAdapter -Physical | Where-Object { $_.InterfaceDescription -notmatch 'Wi-Fi|Wireless' } | Enable-NetAdapter -Confirm:$false }" + If WiFi adapter exists, migrate off wired onto WiFi for enrollment. Tower/desktop with no WiFi: skip entirely and stay on wired. Fall back to re-enabling wired if WiFi fails. 6