Revert "migrate-to-wifi: restore wired-disable behavior"
This reverts commit 2b730969dd.
This commit is contained in:
cproudlock
@@ -1,43 +1,30 @@
|
|||||||
# migrate-to-wifi.ps1 - Invoked by FlatUnattendW10-shopfloor.xml as Order 5
|
# migrate-to-wifi.ps1 - No-op as of 2026-04-24.
|
||||||
# during first logon, right after wait-for-internet.ps1 and right before
|
|
||||||
# GCCH enrollment. Moves the machine off wired onto WiFi for the rest of
|
|
||||||
# the imaging chain so the PXE ethernet cable can be safely disconnected.
|
|
||||||
#
|
#
|
||||||
# Gated: if there is no physical Wi-Fi adapter on the machine (tower /
|
# Previously this disabled all wired NICs at first logon to keep PPKG /
|
||||||
# desktop case), the whole migration is a no-op. Previously this step
|
# Intune enrollment routing internet traffic via WiFi. The wired NIC was
|
||||||
# disabled all wired adapters unconditionally and then waited for WiFi
|
# preferred by Windows because the PXE dnsmasq was handing out a default
|
||||||
# internet that could never arrive on towers, hanging first logon forever.
|
# gateway (dhcp-option=3,10.9.100.1) which Windows installed as a default
|
||||||
|
# route, and the lower interface metric of wired beat WiFi. Internet-bound
|
||||||
|
# traffic then black-holed at 10.9.100.1 (the PXE server, which doesn't
|
||||||
|
# forward).
|
||||||
|
#
|
||||||
|
# That root cause was fixed by removing the dhcp-option=3 and =6 lines
|
||||||
|
# from /etc/dnsmasq.conf on the PXE server. Without an advertised gateway
|
||||||
|
# on the PXE side, Windows can't add a default route via wired, so all
|
||||||
|
# internet traffic uses WiFi by default and the wired NIC stays harmless
|
||||||
|
# for same-subnet PXE/SMB traffic to 10.9.100.1.
|
||||||
|
#
|
||||||
|
# Side effect of the original behavior was an eDNC race: eDNC autostart
|
||||||
|
# would fire while the wired NIC was still disabled and hit WSAEINVAL
|
||||||
|
# (Winsock 10022) trying to bind to a non-existent local IP, looping its
|
||||||
|
# retry timer until a SYSTEM task re-enabled the NIC after SFLD creds
|
||||||
|
# landed (often ~30+ min later). Keeping the NIC up the whole time
|
||||||
|
# eliminates that race.
|
||||||
|
#
|
||||||
|
# Kept as a no-op file (instead of removed) so the unattend XML's Order 5
|
||||||
|
# RunSynchronousCommand entry does not need to be re-numbered. If the
|
||||||
|
# dhcp-option lines ever come back, this can be reverted to the disable
|
||||||
|
# logic by restoring from git.
|
||||||
|
|
||||||
$wifi = Get-NetAdapter -Physical -ErrorAction SilentlyContinue |
|
Write-Host 'migrate-to-wifi.ps1: no-op (wired NIC kept enabled).'
|
||||||
Where-Object { $_.InterfaceDescription -match 'Wi-?Fi|Wireless|WLAN|802\.11' }
|
|
||||||
|
|
||||||
if (-not $wifi) {
|
|
||||||
Write-Host 'No WiFi adapter - staying on ethernet.' -ForegroundColor Cyan
|
|
||||||
exit 0
|
|
||||||
}
|
|
||||||
|
|
||||||
Get-NetAdapter -Physical |
|
|
||||||
Where-Object { $_.InterfaceDescription -notmatch 'Wi-?Fi|Wireless|WLAN|802\.11' } |
|
|
||||||
Disable-NetAdapter -Confirm:$false
|
|
||||||
|
|
||||||
$deadline = (Get-Date).AddMinutes(5)
|
|
||||||
$ok = $false
|
|
||||||
while ((Get-Date) -lt $deadline) {
|
|
||||||
try {
|
|
||||||
if (Test-NetConnection -ComputerName login.microsoftonline.us -Port 443 -InformationLevel Quiet -WarningAction SilentlyContinue) {
|
|
||||||
$ok = $true
|
|
||||||
break
|
|
||||||
}
|
|
||||||
} catch {}
|
|
||||||
Start-Sleep -Seconds 5
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($ok) {
|
|
||||||
Write-Host 'Internet confirmed over WiFi.' -ForegroundColor Green
|
|
||||||
} else {
|
|
||||||
Write-Host 'WiFi internet timeout - re-enabling ethernet.' -ForegroundColor Yellow
|
|
||||||
Get-NetAdapter -Physical |
|
|
||||||
Where-Object { $_.InterfaceDescription -notmatch 'Wi-?Fi|Wireless|WLAN|802\.11' } |
|
|
||||||
Enable-NetAdapter -Confirm:$false
|
|
||||||
}
|
|
||||||
exit 0
|
exit 0
|
||||||
|
|||||||
Reference in New Issue
Block a user