Shopfloor: Configure-PC tool, machine-number logon prompt, execution order fixes
New tools:
Configure-PC.bat/.ps1 - Interactive desktop tool for SupportUser to
configure a shopfloor PC after imaging. Two sections:
1. Machine number: if UDC/eDNC are still at placeholder 9999, prompt
to set the real number right now (updates UDC JSON + eDNC registry,
restarts UDC.exe with new args).
2. Auto-startup toggle: pick which apps start at user logon from a
numbered list (UDC, eDNC, Defect Tracker, WJ Shopfloor, Plant Apps).
Creates/removes .lnk files in AllUsers Startup folder. Toggle UI
shows [ON]/[ ] state, safe to re-run anytime. Plant Apps URL
resolved from .url file at runtime with hardcoded fallback to
https://mes-wjefferson.apps.lr.geaerospace.net/run/...
3. Item 6 in the toggle list: register/unregister a "Check Machine
Number" logon task for standard (non-admin) users. When enabled,
the task fires at every logon, checks for 9999, pops an InputBox
if found, updates both apps, then unregisters itself on success.
Check-MachineNumber.ps1 - The logon task script. Runs as the logged-in
user (needs GUI for InputBox), not SYSTEM. Writing to ProgramData + HKLM
is possible because 02-MachineNumberACLs.ps1 pre-grants BUILTIN\Users
write access on the two specific targets during imaging.
02-MachineNumberACLs.ps1 - Standard type-specific script (runs after
01-eDNC.ps1). Opens C:\ProgramData\UDC\udc_settings.json for Users:Modify
and HKLM:\...\GE Aircraft Engines\DNC\General for Users:SetValue. Narrow
scope, not blanket admin.
Execution order fixes in Run-ShopfloorSetup.ps1:
The dispatcher now has two lists: $skipInBaseline (scripts NOT run in the
alphabetical baseline loop) and $runAfterTypeSpecific (scripts run
explicitly after type-specific scripts complete). This fixes the bug where
06/07 ran before 01-eDNC.ps1 installed DnC, so eDNC/NTLARS shortcuts were
silently skipped.
New execution order:
Baseline: 00-PreInstall, 04-NetworkAndWinRM (skipping 05-08 + tools)
Type-specific: 01-eDNC, 02-MachineNumberACLs
Finalization: 06-OrganizeDesktop, 07-TaskbarLayout
06 internally calls 05 (Office shortcuts, Phase 0) and 08 (Edge config,
Phase 4) as sub-phases, so they also benefit from running late. Office
isn't installed until after the first reboot (ppkg streams C2R), so 05
no-ops at imaging time but succeeds when 06's SYSTEM logon task re-runs
it on the second boot. 08 resolves startup-tab URLs from .url files
delivered by DSC (even later); same self-heal via the logon task.
Other fixes in this commit:
- OpenText Setup-OpenText.ps1 Step 4: exclude WJ_Office.lnk, IBM_qks.lnk,
mmcs.lnk desktop shortcuts (matching the Step 3 .hep profile exclusion
from the previous commit). Removes stale copies from prior installs.
- 05-OfficeShortcuts.ps1: widened Office detection to 6 path variants
covering C2R + MSI + Office15/16, with diagnostic output on miss.
- 06-OrganizeDesktop.ps1: removed Phase 3 (desktop-root pin copies for
eDNC/NTLARS) so shortcuts live in Shopfloor Tools only, not duplicated
at root. Emptied $keepAtRoot. Added Phase 0 (call 05) and Phase 4
(call 08). Lazy folder creation + empty-folder cleanup. Scheduled task
now runs as SYSTEM (was BUILTIN\Users with Limited which failed the
admin check). Added NTLARS to 07's taskbar pin list.
- 08-EdgeDefaultBrowser.ps1: Plant Apps URL fallback hardcoded from
device-config.yaml.
- All new scripts have Start-Transcript logging to C:\Logs\SFLD\ with
timestamps and running-as identity.
- Run-ShopfloorSetup.ps1: Start-Transcript + Stop-Transcript wrapping
entire dispatcher run, writes to C:\Logs\SFLD\shopfloor-setup.log.
Configure-PC.bat added to SupportUser desktop copy list.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
cproudlock
@@ -1,6 +1,24 @@
|
||||
# Run-ShopfloorSetup.ps1 - Dispatcher for shopfloor PC type setup
|
||||
# Runs Shopfloor baseline scripts first, then type-specific scripts on top.
|
||||
|
||||
# --- Transcript logging ---
|
||||
# Captures everything the dispatcher and all child scripts write to host so
|
||||
# we can diagnose setup failures after the fact. -Append + -Force so repeat
|
||||
# invocations (e.g. after a reboot mid-setup) accumulate instead of clobbering.
|
||||
$logDir = 'C:\Logs\SFLD'
|
||||
if (-not (Test-Path $logDir)) {
|
||||
try { New-Item -ItemType Directory -Path $logDir -Force | Out-Null } catch { $logDir = $env:TEMP }
|
||||
}
|
||||
$transcriptPath = Join-Path $logDir 'shopfloor-setup.log'
|
||||
try { Start-Transcript -Path $transcriptPath -Append -Force | Out-Null } catch {}
|
||||
|
||||
Write-Host ""
|
||||
Write-Host "================================================================"
|
||||
Write-Host "=== Run-ShopfloorSetup.ps1 starting $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss') ==="
|
||||
Write-Host " Transcript: $transcriptPath"
|
||||
Write-Host "================================================================"
|
||||
Write-Host ""
|
||||
|
||||
# Bump AutoLogonCount HIGH at the start so reboots during setup (e.g. VC++ 2008
|
||||
# triggering an immediate ExitWindowsEx) don't exhaust autologin attempts before
|
||||
# the dispatcher can complete. The end-of-script reset puts it back to 2 once
|
||||
@@ -40,11 +58,44 @@ if (-not $pcType) {
|
||||
|
||||
Write-Host "Shopfloor PC Type: $pcType"
|
||||
|
||||
# --- Run Shopfloor baseline scripts first ---
|
||||
# Scripts to skip in the alphabetical baseline loop. Each is either run
|
||||
# explicitly in the finalization phase below, or invoked internally by
|
||||
# another script:
|
||||
#
|
||||
# 05 - Office shortcuts. Invoked by 06 as Phase 0. Office isn't installed
|
||||
# until after the first reboot, so 05 no-ops on the imaging run.
|
||||
# 06's SYSTEM logon task re-runs it on the second boot.
|
||||
# 06 - Desktop org. Phase 2 needs eDNC/NTLARS on disk (installed by
|
||||
# type-specific 01-eDNC.ps1). Run in finalization phase.
|
||||
# 07 - Taskbar pin layout. Reads 06's output. Run in finalization phase.
|
||||
# 08 - Edge default browser + startup tabs. Invoked by 06 as Phase 4.
|
||||
# Reads .url files delivered by DSC (after setup reboots). 06's
|
||||
# SYSTEM logon task re-runs it to pick them up.
|
||||
$skipInBaseline = @(
|
||||
'05-OfficeShortcuts.ps1',
|
||||
'06-OrganizeDesktop.ps1',
|
||||
'07-TaskbarLayout.ps1',
|
||||
'08-EdgeDefaultBrowser.ps1',
|
||||
'Check-MachineNumber.ps1',
|
||||
'Configure-PC.ps1'
|
||||
)
|
||||
|
||||
# Scripts run AFTER type-specific scripts complete. 05 and 08 are NOT
|
||||
# here because 06 calls them internally as sub-phases.
|
||||
$runAfterTypeSpecific = @(
|
||||
'06-OrganizeDesktop.ps1',
|
||||
'07-TaskbarLayout.ps1'
|
||||
)
|
||||
|
||||
# --- Run Shopfloor baseline scripts first (skipping deferred ones) ---
|
||||
$baselineDir = Join-Path $setupDir "Shopfloor"
|
||||
if (Test-Path $baselineDir) {
|
||||
$scripts = Get-ChildItem -Path $baselineDir -Filter "*.ps1" -File | Sort-Object Name
|
||||
foreach ($script in $scripts) {
|
||||
if ($skipInBaseline -contains $script.Name) {
|
||||
Write-Host "Skipping baseline: $($script.Name) (runs in finalization phase)"
|
||||
continue
|
||||
}
|
||||
shutdown /a 2>$null
|
||||
Write-Host "Running baseline: $($script.Name)"
|
||||
try {
|
||||
@@ -74,13 +125,36 @@ if ($pcType -ne "Shopfloor") {
|
||||
}
|
||||
}
|
||||
|
||||
# --- Finalization: run deferred baseline scripts (desktop org, taskbar pins)
|
||||
# ---
|
||||
# These needed to wait until all apps (eDNC, NTLARS, UDC, OpenText) were
|
||||
# installed by the baseline + type-specific phases above. 06 internally
|
||||
# calls 05 (Office shortcuts) and 08 (Edge config) as sub-phases, so we
|
||||
# only need to invoke 06 and 07 explicitly here.
|
||||
foreach ($name in $runAfterTypeSpecific) {
|
||||
$script = Join-Path $baselineDir $name
|
||||
if (-not (Test-Path $script)) {
|
||||
Write-Warning "Deferred script not found: $script"
|
||||
continue
|
||||
}
|
||||
shutdown /a 2>$null
|
||||
Write-Host "Running deferred baseline: $name"
|
||||
try {
|
||||
& $script
|
||||
} catch {
|
||||
Write-Warning "Deferred script $name failed: $_"
|
||||
}
|
||||
}
|
||||
|
||||
Write-Host "Shopfloor setup complete for $pcType."
|
||||
|
||||
# Copy utility scripts to SupportUser desktop
|
||||
$syncScript = Join-Path $setupDir "Shopfloor\sync_intune.bat"
|
||||
if (Test-Path $syncScript) {
|
||||
Copy-Item -Path $syncScript -Destination "C:\Users\SupportUser\Desktop\sync_intune.bat" -Force
|
||||
Write-Host "sync_intune.bat copied to desktop."
|
||||
foreach ($tool in @('sync_intune.bat', 'Configure-PC.bat')) {
|
||||
$src = Join-Path $setupDir "Shopfloor\$tool"
|
||||
if (Test-Path $src) {
|
||||
Copy-Item -Path $src -Destination "C:\Users\SupportUser\Desktop\$tool" -Force
|
||||
Write-Host "$tool copied to desktop."
|
||||
}
|
||||
}
|
||||
|
||||
# Standard PCs get the UDC/eDNC machine number helper
|
||||
@@ -98,5 +172,13 @@ if ($pcType -eq "Standard") {
|
||||
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoLogonCount /t REG_DWORD /d 2 /f | Out-Null
|
||||
Write-Host "Auto-logon set to 2 remaining logins."
|
||||
|
||||
Write-Host ""
|
||||
Write-Host "================================================================"
|
||||
Write-Host "=== Run-ShopfloorSetup.ps1 complete $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss') ==="
|
||||
Write-Host "================================================================"
|
||||
|
||||
# Flush transcript before shutdown so the log file is complete on next boot
|
||||
try { Stop-Transcript | Out-Null } catch {}
|
||||
|
||||
Write-Host "Rebooting in 10 seconds..."
|
||||
shutdown /r /t 10
|
||||
|
||||
Reference in New Issue
Block a user