ge-aerospace/pxe-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2b730969dd853d87c4a38b9dc24a2526866d2deb
pxe-server/playbook/migrate-to-wifi.ps1
cproudlock 2b730969dd migrate-to-wifi: restore wired-disable behavior 
Reverts the 2026-04-24 no-op stub. Empirically the gateway-suppression
fix (dnsmasq dhcp-option=3/=6 empty) alone is NOT sufficient to keep
Windows from using the wired NIC for Intune Device Configuration / DSC
traffic. Even with no default route on wired AND the unattend's
InterfaceMetric trick (WiFi=10, Wired=100), the bay stalls on the DSC
phase until the wired cable is physically unplugged.

Restoring the prior body that disables non-WiFi NICs at first logon
post-PPKG. Gated on Get-NetAdapter for a Wi-Fi/Wireless/WLAN/802.11
adapter - towers without WiFi stay on ethernet (the only-NIC scenario
where disabling would hang first logon). Falls back to re-enabling
ethernet if login.microsoftonline.us:443 doesn't respond within 5 min.

Monitor-IntuneProgress.ps1 already has the symmetric re-enable
("Re-enable any wired NICs that Order 5 disabled") at the start of its
monitor loop, which kicks in after DSC creds land. Net effect: wired
disabled during the DSC fetch window, re-enabled by the time eDNC
autostart needs the local NIC.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-13 12:26:43 -04:00

44 lines
1.6 KiB
PowerShell
Raw Blame History

# migrate-to-wifi.ps1 - Invoked by FlatUnattendW10-shopfloor.xml as Order 5
# during first logon, right after wait-for-internet.ps1 and right before
# GCCH enrollment. Moves the machine off wired onto WiFi for the rest of
# the imaging chain so the PXE ethernet cable can be safely disconnected.
#
# Gated: if there is no physical Wi-Fi adapter on the machine (tower /
# desktop case), the whole migration is a no-op. Previously this step
# disabled all wired adapters unconditionally and then waited for WiFi
# internet that could never arrive on towers, hanging first logon forever.
$wifi = Get-NetAdapter -Physical -ErrorAction SilentlyContinue |
Where-Object { $_.InterfaceDescription -match 'Wi-?Fi|Wireless|WLAN|802\.11' }
if (-not $wifi) {
Write-Host 'No WiFi adapter - staying on ethernet.' -ForegroundColor Cyan
exit 0
}
Get-NetAdapter -Physical |
Where-Object { $_.InterfaceDescription -notmatch 'Wi-?Fi|Wireless|WLAN|802\.11' } |
Disable-NetAdapter -Confirm:$false
$deadline = (Get-Date).AddMinutes(5)
$ok = $false
while ((Get-Date) -lt $deadline) {
try {
if (Test-NetConnection -ComputerName login.microsoftonline.us -Port 443 -InformationLevel Quiet -WarningAction SilentlyContinue) {
$ok = $true
break
}
} catch {}
Start-Sleep -Seconds 5
}
if ($ok) {
Write-Host 'Internet confirmed over WiFi.' -ForegroundColor Green
} else {
Write-Host 'WiFi internet timeout - re-enabling ethernet.' -ForegroundColor Yellow
Get-NetAdapter -Physical |
Where-Object { $_.InterfaceDescription -notmatch 'Wi-?Fi|Wireless|WLAN|802\.11' } |
Enable-NetAdapter -Confirm:$false
}
exit 0
Reference in New Issue View Git Blame Copy Permalink