1ae5bdce57
scripts/diagnostics/Capture-LockdownState.ps1 captures Windows endpoint state at three lifecycle checkpoints so the deltas isolate which phase delivered (or failed to deliver) each component: - pre-category - PPKG-enrolled, no Intune category yet - post-category - category-driven assignments arrived, pre-lockdown - post-lockdown - kiosk + autologon + AppLocker fully landed Bumped from the previous 2-stage (pre/post) version. Legacy 'pre'/'post' aliases preserved. Captures additions driven by the SFLD-DSC v2.0.2 post-mortem: - IMECache file listing (catches missing sastoken.txt) - DSCDeployment.log + version.txt copied from C:\pc\ - SFLD\DSC payload listing - C:\Logs\BPRT\ runtime state (criticalChecks.json, packageInfo.json) - C:\WCDApps\ deploy verification - Windows\Provisioning\Diagnostics copy - Tasks-RunHistory.csv with LastRunTime + LastTaskResult per task - DeviceManagement-Events.csv (MDM 429s, AAD token failures) - Provisioning-Events.csv (PPKG runtime errors) - MDM-Certificates.csv (enrollment cert health) scripts/diagnostics/snapshot-runbook.txt: step-by-step ops guide covering when to fire each stage, where output lands, how to ship it back via image-upload share, and which files to compare first when diffing.
4.8 KiB
4.8 KiB