Fix Report IP glob (.LOG not .txt) + add device-id copy button

Field bay surfaced two bugs in one diag dump (mdm-diag-F907T5X3 - 6PPSF24): 1. GE Proactive Remediation Report IP actually writes GE_Report_IP_Address_2_5.LOG (uppercase .LOG), not the .txt I assumed. Globs in two places had .txt filter -> never matched -> Phase 1 stuck IN PROGRESS forever even after the file landed and wired-NIC re-enable never fired. Drop extension from both globs in Monitor-IntuneProgress.ps1 (id=7 push gate + p1Done check). 2. The "GE Re-enable Wired NICs" SYSTEM task registered by Run-ShopfloorSetup was polling Autologon_Remediation.log for "Autologon set for ShopFloor" - a lockdown-time signal. Re-enable needs to fire at Report-IP time (well before lockdown) so that Monitor can push idx=7 with the QR before the Intune-triggered LAPS-prompt reboot. Repoint the SYSTEM task's poll to C:\Logs\GE_Report_IP_Address* (any extension). Plus minor UX: copy button next to the Intune device ID on /imaging dashboard so techs can grab the GUID without having to double-click-select the <code>. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-13 18:27:26 -04:00
parent 7e1ea03f02
commit 59dbd64e37
3 changed files with 15 additions and 8 deletions
--- a/playbook/shopfloor-setup/Run-ShopfloorSetup.ps1
+++ b/playbook/shopfloor-setup/Run-ShopfloorSetup.ps1
@@ -310,11 +310,14 @@ if (Test-Path -LiteralPath $monitorScript) {
 $reEnableTask = 'GE Re-enable Wired NICs'
 try {
    $script = @'
-$imeLogs = 'C:\ProgramData\Microsoft\IntuneManagementExtension\Logs'
-$remLog  = Join-Path $imeLogs 'Autologon_Remediation.log'
-if (-not (Test-Path $remLog)) { exit 0 }
-$content = Get-Content $remLog -Raw -ErrorAction SilentlyContinue
-if ($content -notmatch 'Autologon set for ShopFloor') { exit 0 }
+# Poll for the GE Report-IP Proactive Remediation log file. Its appearance
+# means the Report IP script has fired with WiFi-only IPs (because we
+# disabled wired post-PPKG) - which is the exact moment we want to bring
+# wired back up so Monitor-IntuneProgress can push idx=7 with the
+# DeviceId / QR code before the Intune-triggered LAPS-prompt reboot lands.
+# Extension is .LOG (not .txt) observed in field; match any extension.
+$ip = Get-ChildItem 'C:\Logs\GE_Report_IP_Address*' -ErrorAction SilentlyContinue | Select-Object -First 1
+if (-not $ip) { exit 0 }

 # Vendor-agnostic wired-NIC re-enable. NetAdapter "Name" varies wildly
 # ("Ethernet", "Ethernet 2", "Network", per-vendor names like "Realtek
--- a/playbook/shopfloor-setup/Shopfloor/lib/Monitor-IntuneProgress.ps1
+++ b/playbook/shopfloor-setup/Shopfloor/lib/Monitor-IntuneProgress.ps1
@@ -229,7 +229,7 @@ function Get-Phase1 {
    #
    # 1. Re-enable wired NICs as soon as the log lands + state file exists.
    # 2. Push idx=7 once DeviceId is captured AND the log exists.
-    $reportIpLog = Get-ChildItem -Path 'C:\Logs\GE_Report_IP_Address*.txt' -ErrorAction SilentlyContinue |
+    $reportIpLog = Get-ChildItem -Path 'C:\Logs\GE_Report_IP_Address*' -ErrorAction SilentlyContinue |
                   Select-Object -First 1
    $nicListFile = 'C:\Enrollment\disabled-wired-nics.txt'
    if ($reportIpLog -and (Test-Path $nicListFile)) {
@@ -810,7 +810,7 @@ function Format-Snapshot {
    # yet, which means the SFLD ConfigurationProfile assignment filter still
    # sees a leaked 10.9.100.x IP and Phase 2 won't unblock. Don't call
    # registration "done" until Report IP has cleared.
-    $reportIpDone = [bool](Get-ChildItem -Path 'C:\Logs\GE_Report_IP_Address*.txt' -ErrorAction SilentlyContinue | Select-Object -First 1)
+    $reportIpDone = [bool](Get-ChildItem -Path 'C:\Logs\GE_Report_IP_Address*' -ErrorAction SilentlyContinue | Select-Object -First 1)
    $p1Done = ($Snap.Phase1.AzureAdJoined -and $Snap.Phase1.IntuneEnrolled -and
               $Snap.Phase1.EmTaskExists -and $Snap.Phase1.PoliciesBaselineReady -and
               $reportIpDone)
--- a/webapp/templates/imaging.html
+++ b/webapp/templates/imaging.html
@@ -44,7 +44,11 @@
          {% if s.hostname_target %}<code class="ms-2 small text-muted">{{ s.hostname_target }}</code>{% endif %}
          {% if s.pctype %}<span class="badge bg-info text-dark ms-2">{{ s.pctype }}</span>{% endif %}
          {% if s.machinenumber %}<span class="badge bg-secondary ms-1">#{{ s.machinenumber }}</span>{% endif %}
-          {% if s.intune_device_id %}<div class="small text-muted mt-1">Intune: <code>{{ s.intune_device_id }}</code></div>{% endif %}
+          {% if s.intune_device_id %}<div class="small text-muted mt-1">Intune: <code>{{ s.intune_device_id }}</code>
+            <button type="button" class="btn btn-sm btn-outline-secondary py-0 px-1 ms-1"
+                    style="font-size:0.7rem; line-height:1;"
+                    onclick="navigator.clipboard.writeText('{{ s.intune_device_id }}').then(()=>{this.textContent='copied';setTimeout(()=>{this.textContent='copy'},1500)});">copy</button>
+          </div>{% endif %}
        </div>
      </div>
      <span class="badge bg-{{ border }}">{{ s.status or 'in_progress' }}</span>