Shopfloor: single autologon, clear Start pins, Intune sync tool, update docs

- AutoLogonCount reduced from 2 to 1 in Run-ShopfloorSetup.ps1
- Remove default pinned Start Menu tiles and set blank layout for future users
- Add sync_intune.bat: triggers MDM sync and polls for SFLD group policies
- Update README.md and SETUP.md with current project state (boot chain, new
  scripts, samba shares, webapp pages, commit history)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

SETUP.md

@@ -10,7 +10,7 @@ Client PXE boot
   -> iPXE boot menu (HTTP, port 4433)
      ├── Windows PE -> wimboot -> boot.wim -> startnet.cmd -> Samba -> Image deployment
      ├── Clonezilla -> vmlinuz/initrd -> Disk cloning/imaging
-     ├── Blancco    -> vmlinuz/initrd -> NIST 800-88 drive erasure (auto-reports)
+     ├── Blancco    -> Native kernel + initramfs -> NIST 800-88 drive erasure (auto-reports)
      └── Memtest86+ -> Memory diagnostics
 ```
 
@@ -117,6 +117,8 @@ Access at `http://10.9.100.1:9009` from any machine on the isolated network.
 | startnet.cmd      | /startnet   | Edit startnet.cmd inside boot.wim (wimtools)   |
 | Clonezilla Backups| /backups    | Upload/download/manage disk backup images      |
 | Blancco Reports   | /reports    | View/download drive erasure reports            |
+| Image Config      | /images/*/config | Per-image driver, OS, and hardware config |
+| Enrollment        | /enrollment | GCCH bulk enrollment package management         |
 | Audit Log         | /audit      | Activity history for all write operations      |
 
 ## Verification
@@ -159,12 +161,20 @@ pxe-server/
 │   └── meta-data                 # Cloud-init metadata (required, empty)
 ├── playbook/
 │   ├── pxe_server_setup.yml      # Ansible: dnsmasq, Apache, Samba, iPXE, UFW, webapp
-│   └── inventory.ini             # Ansible inventory
+│   ├── inventory.ini             # Ansible inventory
+│   ├── startnet.cmd              # WinPE startup script (injected into boot.wim)
+│   ├── blancco-init.sh           # Custom initramfs for Blancco PXE boot
+│   ├── blancco-preferences.xml   # Blancco auto-report preferences
+│   ├── check-bios.cmd            # Pre-imaging BIOS update checker
+│   ├── FlatUnattendW10-shopfloor.xml  # Shopfloor unattend.xml
+│   └── shopfloor-setup/          # PC type setup scripts (Standard, CMM, Display, etc.)
 ├── webapp/
-│   ├── app.py                    # Flask application
+│   ├── app.py                    # Flask application (~1600 lines)
 │   ├── requirements.txt          # Python deps (flask, lxml)
 │   ├── static/                   # CSS, JS, fonts, logo (all bundled offline)
-│   └── templates/                # Jinja2 HTML templates
+│   └── templates/                # Jinja2 HTML templates (10 pages)
+├── docs/
+│   └── shopfloor-display-imaging-guide.md  # End-user imaging guide
 ├── unattend/
 │   └── FlatUnattendW10.xml       # Windows unattend.xml template
 ├── boot-tools/                   # Extracted boot files (gitignored, built by prepare-boot-tools.sh)
@@ -176,7 +186,14 @@ pxe-server/
 ├── download-packages.sh          # Downloads all offline packages
 ├── build-usb.sh                  # Builds the 2-partition installer USB
 ├── prepare-boot-tools.sh         # Extracts/patches boot tools from ISOs
+├── build-proxmox-iso.sh          # Builds self-contained Proxmox installer ISO
 ├── test-vm.sh                    # KVM test environment
+├── test-lab.sh                   # Full PXE lab with server + client VMs
+├── startnet-template.cmd         # startnet.cmd template (synced with playbook copy)
+├── Download-Drivers.ps1          # Download hardware drivers from GE CDN (Windows)
+├── Upload-Image.ps1              # Upload MCL cache to PXE server via SMB (Windows)
+├── download-drivers.py           # Download Dell drivers directly from dell.com
+├── sync_hardware_models.py       # Sync hardware model configs across images
 ├── README.md                     # Project overview
 └── setup-guide-original.txt      # Original manual setup notes (reference)
 ```
@@ -208,5 +225,7 @@ pxe-server/
 | winpeapps       | /srv/samba/winpeapps       | WinPE deployment images       |
 | clonezilla      | /srv/samba/clonezilla      | Clonezilla disk backup images |
 | blancco-reports | /srv/samba/blancco-reports | Blancco erasure reports (auto)|
+| enrollment      | /srv/samba/enrollment      | GCCH bulk enrollment packages |
+| image-upload    | /home/pxe/image-upload     | Image upload staging area     |
 
 All shares use guest access for the isolated network.