ge-aerospace/pxe-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9beee842f1e54c5620121dda1fcfd3defaad0a08
pxe-server/playbook/shopfloor-setup/Shopfloor
History
cproudlock 9beee842f1 Monitor: deterministic AESFMA cert check via X509Chain root match 
Walk Cert:\LocalMachine\My, build each cert's chain, look for chain
element with thumbprint 27F0C9A22B28CE7687B115A29E31BF4B3ABB180F.
That's the AESFMA.xml TrustedRootCA value = the GE Aerospace
FreeRADIUS root that AESFMA EAP-TLS validates against. A client cert
chained to that root is the SCEP-provisioned AESFMA machine cert.

Combined with the verify-before-delete connect attempt, this gives
two gates:
 1. Cert deterministically exists + chains correctly
 2. netsh wlan connect to AESFMA actually reports State=connected

Only after both pass does INTERNETACCESS get deleted.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-14 17:48:00 -04:00
..
csf
Shopfloor PC type system, webapp enhancements, slim Blancco GRUB
2026-03-26 11:25:07 -04:00
lib
Monitor: deterministic AESFMA cert check via X509Chain root match
2026-05-14 17:48:00 -04:00
00-PreInstall-MachineApps.ps1
Renumber PXE LAN from 10.9.100.0/24 to 172.16.9.0/24
2026-05-14 16:30:32 -04:00
03-ShellDefaults.ps1
UDC firewall rules + Acrobat Reader as default PDF viewer
2026-04-16 09:18:44 -04:00
04-NetworkAndWinRM.ps1
Replace all Unicode characters with ASCII in playbook scripts
2026-04-10 13:23:11 -04:00
05-OfficeShortcuts.ps1
Logging, PCTypes, edge profiles for all types
2026-04-10 11:57:22 -04:00
06-OrganizeDesktop.ps1
Fix ShopFloor autologon persistence, S: drive mapping, sync throttle
2026-04-16 12:29:02 -04:00
07-TaskbarLayout.ps1
Shopfloor imaging: CMM type, Configure-PC override fix, serial drivers
2026-04-11 12:58:47 -04:00
08-EdgeDefaultBrowser.ps1
Shopfloor imaging: CMM type, Configure-PC override fix, serial drivers
2026-04-11 12:58:47 -04:00
09-Install-PrinterInstallerMap.ps1
sweep: pre-existing drift + matrix UDC entry + ignore 142MB EXE
2026-05-04 08:49:43 -04:00
Check-MachineNumber.ps1
Shared machine-number helper, site-config for OpenText + PreInstall, placeholder type dirs
2026-04-10 11:44:10 -04:00
Configure-PC.bat
Shopfloor: Configure-PC tool, machine-number logon prompt, execution order fixes
2026-04-10 08:44:28 -04:00
Configure-PC.ps1
Shopfloor imaging: CMM type, Configure-PC override fix, serial drivers
2026-04-11 12:58:47 -04:00
Force-Lockdown.bat
sweep: pre-existing drift + matrix UDC entry + ignore 142MB EXE
2026-05-04 08:49:43 -04:00
QRCoder.dll
Add QR code display of Intune device ID to sync tool
2026-03-31 10:15:20 -04:00
Register-MapSfldShare.ps1
S: drive mapping via HKLM\Run, autologon-count non-intervention, Phase 4 no-scripts handling
2026-04-16 17:42:22 -04:00
SetShopfloorAutoLogon.bat
sweep: pre-existing drift + matrix UDC entry + ignore 142MB EXE
2026-05-04 08:49:43 -04:00
sync_intune.bat
Shopfloor sync_intune + Set-MachineNumber hardening
2026-04-09 13:30:12 -04:00