I've got to check something in the T3 content, I'll sign out here.

Alright, back here. While I was doing that, I was backing up software. We were backing up Tim's old computer. Um, and uh, Jesus fuck. There's fucking 10,000 files in here. Holy fuck. I don't know what this guy has here, but just in these one folder. Anyways, I was doing that. Oh fuck. Oh yeah, I was letting that run in the background. Um, because yesterday it looks like, uh, looks like it failed. And it didn't tell me where, where it kind of failed. So, today, I'm uploading it, uh, folder by folder, essentially. And I'm down to the last couple, which is stupid, because if you upload something, and the upload fails, it should tell you that it failed. But for some reason, SharePoint didn't. I'm really not liking this whole thing. Like, this is why I like to develop my own software, because this is basic shit, man. Like, if the upload fails, let the user know. When I checked how many files were actually uploaded in SharePoint, there was only 5,500. But, in reality, looking at this right now, there's probably, like, 15,000 at least. There's 10,000 in this NuCon folder on its own, plus a couple other ones. So, definitely it was wrong.

The other part, I get back to this pre-provisioning with Autopilot. So it says, select next to get started with pre-provisioning. Organization magenta construction dot com, that's good. Deployment profile, Autopilot profile, that's good. Assigned user, not assigned. To review or change pre-provisioning configurations, scan the QR code with the companion app on your phone. Make any needed changes. Select refresh. Select this QR code. When I look up this pre-provisioning, it doesn't actually exist. Microsoft releases a source and you have to compile it yourself from a GitHub repository. So you either have to download Android Studio, take their Android package, and pre-compile it. And I don't understand why. Why couldn't Microsoft just release it into the Play Store? Not available for iOS whatsoever. Apparently there is a universal Windows platform version available, can be installed on a Windows 10 device. If I had another Surface, I guess I could scan the QR code. But guess what? That as well, I'm looking at it right now, it's under Microsoft Windows Autopilot Companion Public Archive. It's an archive. Sample companion app for working with Windows Autopilot Whiteglobe workflows. Repository contains a sample app that can be used to modify the settings of a device as part of Windows Autopilot Whiteglobe process. This demonstrates how to make just-in-time configuration adjustments before pre-provisioning the device with needed apps and settings. It can add, remove, or change the users assigned to the Windows Pilot device. Configure the group tag, configure the device name. All of them have to be built. So you have to compile it, they couldn't have just given you an already compiled version. Because Microsoft wants to make things more complicated. I'm really starting to hate Microsoft right now.

It's still doing the same thing, it's still registering your device for mobile management error, so I need to find out what's going on here.

So, I connected a keyboard, hit shift F10, I typed in eventvwr.msc, in the event viewer I went to application and service logs, Microsoft, Windows, device management, enterprise diagnostics provider, and admin, and I looked through the error codes and I found some error codes over there, specifically saying that there was, the system cannot find the specified file for something, and then there's another one, failed to enroll, mmp-c for dual enrollment mode, result the system cannot find the specified file, I'll have to look into that.

I'm going to make a quick tool to upload device provisioning logs to our server.

Still working on this diagnostic script.

I'm still working on the script, just making the main template. I'm working on changing the API function so that it could send files. Then when I do that, I'm going to have to create a server-side script to receive it. And I'm going to have to test to make sure it works, and then make functions to actually collect the logs. I got another hour and a bit.

The reason I'm doing this is not because I need to, because I have the access to do this right now. Like I have the error logs, but the reason that I'm doing this is for future development, so that somebody else runs into this kind of an error. I can end up making a portal. They could run this simple one-liner script. It'll send it to the server. And then on the server side, I can process what the potential errors are and then resolve them. For example, make changes in the Microsoft tenant or whatever, I'll have to create that logic. But for now, it's a good way to get the diagnostic logs off the computer itself, and not only use for this autopilot, but in general, if there's any kind of issues, and then do a log inspection online. And I think even for an MDM or whatever solution if we're gonna still do this AI thing, which I think definitely should still do, having these logs uploaded will help greatly to diagnose what's actually going on during the installation. So when you ask AI, we'll be able to use that data. Not that AI will automatically be able to give you the answer, but at least we'll have some data to know what's going on with the system and what errors are being thrown. A lot of work that's still gonna be involved in doing that, but at least this is a starting idea, proof of concept kind of thing.

I think I just finished writing it, now I'm going to have to test it. I tried to use AI for this, but it's going fucking crazy. I guess it's too much for it to understand. Anyways, it is what it is. But I think I got it, so... Oh, fuck. Teams just crashed. Trying to upload Tim's files. Great. Great. Fuck you, Teams. Fuck you. It starts by doing the diagnostics app, asks for a password, because we always need a password so that people don't send random garbage to us. Then it asks how many hours back. Do you want to collect the logs for him? Do you want to collect all the available logs automatically? Yes or no? Then we define our log functions. Then it goes through, and for each log function, if it's approved, it continues. If it's not approved, it asks them, do you want to include the log name? And... Then... If they click no, then it continues to the next for each loop. If it's yes, then it starts to collect the logs by running the function. And at the end, the function should be a file path that is returned. And if it's returned, then we write collected. And... Yeah. Then we do a new SAM session to get the computer serial number. If it's empty, we write out that we can't get the computer serial number, so logs will not be uploaded, but they'll remain in the temp directory. Then we check the collected log count. If it's greater than zero, we'll send it through API to Windows Diagnostics Send endpoint. And if the response is accepted, then we'll write that it was accepted. And we should be getting a response of the computer serial, which we'll include if it did. And then it'll ask, do you want to clean up the diagnostics files? From the temporary directory, if they hit yes, it'll delete it. If not, then it won't. It'll leave it there. And it'll let them know that it was left there. If the API fails, it'll let them know that it failed to upload, but they're still available for manual review. And if the collected logs is empty, then it'll say no logs were collected to send to the server. And then it...

Alright, I've written a file. Now I'm going to create a file to dump the inputs because I haven't tested this PowerShell script yet, so I'll just speculate it in my head. So I'm going to get, just create something to dump all the post data into a directory and then if it works, then I'll go ahead and deploy it onto this computer.

I will keep the service password the same as it was for the OOBE.

Yeah, I have to make a new class for dealing with diagnostic bugs.

I created a database table for computer diagnostic logs under data, then I created a class in the namespace DataComputer for DiagnosticLog, and now I'm just going to make it do the magic.

I wrote the receiver script. I'm going to give it a try. I'm going to open up a new PowerShell. I think I turned the computer on already. I'm going to open up a sandbox. I've got a sandbox opened. For fuck's sake, Task Manager, I closed you. Don't stay on top, man. All right. Created a new terminal. Oh, yeah, I have to include the diagnostic and the routes. Diagnostics.route.diagnostics. Okay. Added that. I'm going to add a new terminal. Okay. Added that. Double check. Download. Diagnostics PowerShell. Submit diagnostics data. That should be good. This script should be okay. This should be okay. I can close this. I can close this. I can close this. Okay. I'm going to create a readme file. So I can document everything that's going on here. So the next person will know what's going on in case I have a mental breakdown. I will copy this PowerShell command. And, oh, I forgot to clear the fucking error logs. That's okay. Even though I started. Okay. Password. How many hours back? Four. Cannot be applied to variable that does not exist. Fuck you. Okay. I have an error on the code.

Yeah, and that was AI that wrote that section of the code. And I was wondering why it was doing that. Cannot bind argument to diagnostics temp directory. Cannot bind argument to path because it is null. Cannot bind argument to path because it is null. 471, oh, 471.23, 471.23, 471.23. Write and pull path. Actually, let's just print temp dir. Okay. That should be fixed. How many hours back? Do I collect all? Error uploading files. Log files have been saved. Server returned 401, unauthorized. Let's look at the logs. Refresh. Oh. How did I break? Oh, because I opened it with the other class, or with the autoloader. Okay. Incorrect service password. So we had received. We got a get. Okay. And now we sent a post. We got the serial number. Oh, because it's trying to set. It's trying to set. Oh, okay, I see here. That's going to be easy. I thought I changed that already. Because when we collected the password, we asked for the password, plain password. Aha. Service password. Problem solved. Let's try it again. Delete my logs. And now everything should be fine. Yep. Okay. How many hours back? Four hours. Now let's try no list. Oh. Do you want to include system account logs? Yes. Okay. Okay. Okay. Okay. Okay. Okay. Okay. Okay. Do you want to include system account logs? Yes. Logs successfully uploaded. Do you want to clean up the logs? Let's see if they're actually uploaded here. And let's see if they're actually sent. This PC. New. Show. Hidden files. Are you into assets? Diagnostics? Temp? Yep. You got it. Okay. Let's clean it up. Oh. I hit yes. Do you want to clean up all the diagnostics data? I hit yes. Okay. Oh, fuck. If key. Not key option. If key option. Okay. And that's all the little glitches out of here, I think. All right. And let's see if the system event log collected anything. Let's see if it actually sent to the server. Okay. Oops, I forgot. I forgot. Uh-oh. New file. Web array. Ignore. And put a star in here. Ignore this. And. Under windows diagnostics data. We are going to. Exclude path. Okay....

All right, trying to see if I will write one that it had a good grasp over and we'll see if it passes or not. And that'll be the last one that I need to write. Well, then everything looks like it'll be working A-okay. And I could run this command. Get some diagnostics data. It seems to be very, very, very slow for some reason. It's like it's trying to clear shit up, but it can't.

No. It completely fucked up. It completely wrote its own fucking mind-fucked function that it thinks will fucking work. I don't know why. The solution was fucking simple but it couldn't fucking do it. Like, I want to fucking hang myself.

Alright, looks like everything is working, and I'm just going to double check, and meanwhile I'm still uploading Ken's files. Bit by bit, there's a lot of errors. Alright. Everything seems to work with this code that I created to do the error logs. I'm going to run it on the computer right now. Actually, I'm just going to reset all my test stuff because that's exactly what it was. Test stuff. I'm going to shut this down. This sandbox. Alright. And I'm going to go in the database. Access denied. I'm going to log back in again. Alright. Back MDM. Under computers, diagnostics log, operations. Oh, actually, before I do that, I need to enable all the checks to make sure that we link the computer with it. This is actually a pretty cool. Pretty cool. Hey, wait a minute. Oh, right. This is actually pretty cool because this is something Microsoft actually should have done, and they didn't. Is to just centralize all the diagnostic reports online. I don't understand why they wouldn't. That's absolutely fucking stupid. Absolutely. Okay. What table are we in? We're in the right one. Okay. I'm going to truncate. And that should set our auto increment back to zero. Okay. Cool. Now there's added security so that only our computers can submit logs as well.

It's just running on the remote computer right now, it looks like it's collecting a lot of data actually from the MDM diagnostics, which is good. So help me figure out what's going on.

Alright, I think I made the function, now let me try to run through all the diagnostics logs I guess and try to figure out what happened.

Alright, getting down to the bottom of this, I guess, I don't know what the issue is. I think I have an idea what the issue is, but I've got to look through these log files. There's about 50 megs of log files, so you can imagine how much garbage there is.

Based on a suggestion that I see online, I'm going to try resetting the PC. It's currently at 11%. Actually, I initiated the reset already before my last message, so I'll let it reset and see if we could enroll it again. Tim's computer file uploads are giving me a lot of problems. I don't know why. But anyways, maybe I'll just back them up onto USB or zip them and worry about it later.

Alright, it's at 81% and fucking, this crashed again, Tim's computer fucking crashed again. For fuck's sake. You know what? Let's do this. Let's compress everything to a zip file. And upload the fucking zip file.

Alright, looks like the zip is done, so I'm going to delete everything. The computer has... where the fuck is it? Oh, it's on a new phone. And we'll delete all of the builders, and let's click delete. And I'm going to move that. Something's going on now with the computer. I have no idea what. It's doing some upgrades, so very possibly it needed something to upgrade. And I've sent this file to upload. Okay, so let's see here what's going on. What country am I in? Canada. US. Skip. Let's connect you to a network. Okay. Got to enter the password, which I don't remember anymore.

It has reset itself. I'm going to try actually signing in using my email. We're going to see if this works this way instead. The white glove thing might not work all the time, so.

I think this computer is losing internet connectivity or something, because it keeps saying lost connection.

well apparently now it's doing something saying this may take a few minutes so we'll see if the setup process works. Tim's file uploads are about three gig rather than nine so let's see how this goes

well apparently it provisioned everything so let me check in action one hmm it it did install it for the user but it's under default user

It's not showing up as Active Directory joined in here. I mean, it seems to be working. All the shit that's supposed to be installed is not fucking installed. But apparently, Action 1 is. But I'm looking and it's not actually installed. So this is not a domain joined computer, or... Fuck's sake. Oh. Because I don't think I have admin privileges now on this computer.

No, I do. But I do not understand what's going on here. The default app was installed and now uninstalled. Action 1 is showing that it was added, but now it's no longer showing as being added. It's not active anymore. February 28th. Agent install date, February 27th. That was yesterday. For fuck's sake, men. Last seen, 307. That was slightly before I did my reset.

I don't know, apparently it did it, but it didn't do it.

So the computer booted up. Hold on one second, I've got to finish some things up here that I'm working on with the branding and the logo and the sign in.

Hmm. Well, it seemed to have installed it now, so it is domain joined I guess. It created two entries in the computer. But, let's wait and see, I guess, what happens.

Well, my detection script seems to work for Intune, so that's good. Except it's detecting these as two different fucking computers. What the hell is going on here? This is going to make a mess and a half.

All right, we're getting somewhere, but there's still a lot of errors and certain things have not yet installed. So I'm going to wait for a little bit to see if this goes, and I'm going to check why some policies are not being applied, because those are very important.

I don't like this method of pre-provisioning the devices because you always have to assign the device to the user, for example, assign it to myself. That makes an extra step when I have to hand off the device to somebody else, that somebody would have to go into Intune physically, and into Azure, and change the device owner to somebody else, so they'd be the primary owner. Otherwise, they won't be able to use things like company portal and becomes a bit of a mess. So to try to avoid this extra step, the White Glove install, or without the user, would be the best way to do it, but at least there's some progress, which is good.

So another bit of stupidity here, doing one drive configuration and I noticed why it's not working because there's duplicate policies applied. So Microsoft for some reason names, this is fucking stupid, so to configure you have to go into a settings, you have to create a profile and you go into the settings catalog and the settings catalog lists different options that you can do. And this is happening very often because I see duplicates here. Let's see here. Always use a user's Windows display language when provisioning known folders in OneDrive. There's two of those. Configure team site libraries to sync automatically. Two of those. Continue syncing on, oh no, that one's not syncing. Anyways, the one that I'm having an issue with, silently move Windows known folders to OneDrive. They're named the exact same way. When I hover over the description, it's a long ass description and both of them are the exact same. One has one option, one set of options, one has a different set of options. I don't understand why Microsoft in the notes couldn't have, you know, the multi-billion dollar company that they are, just have somebody put in in brackets old setting, do not use, or you know, whatever. Or don't show the old settings if it's, if that's what it is. I don't know if it's a glitch or what, but there's literally two settings and I know if you apply both of them, it won't work. So you have to choose one or the other and if I apply the old one, it won't fucking work or eventually it'll stop working. I have to choose the correct one. And so the only way to do that would seem to pick one, literally one setting out of the 98 that I'm applying over here, or sorry, 75 that I'm applying over here. I would have to do them one by one and wait for it to provision on the computer, which could take anywhere between five minutes to four hours. Or I can go in and I can manually force it to provision, which sometimes will end up provisioning automatically, relatively quickly. But still, it'd probably be about, it's not...

I'm trying to enable network discovery in Intune, they don't even have a fucking setting for it.

All right, well, can't turn on network discovery, I guess. Not without another PowerShell script. The fuck does Intune do, then? Really fucking pissing me off now.

These guys are fucking geniuses, like, it's not letting me go ahead, I have to redo all these settings that I just did. Because it's saying the value must not be empty when I don't have the fucking value configured. Fucking shit ass stupid stuff, man.

Yeah, I'm still working on a Friday at 7.30.

All right, I'm going to give up for the day. Provisioning... What's-his-name's old computer there. Tim's old computer. I just ran the script. It quite a bit failed to register the serial number properly. Windows Pro key to upgrade it. I need to make a note here. Initial Windows key after activation, because failed. And the host name for some reason isn't set. I don't know why, but I know what I had before worked better. So, anyways, I'm going to try this now. Reset PC. Fix problems using Windows Update. Nope, just reset the PC. Actually, fuck, that's going to be another hour. I might do this a different day, because this computer's going to heat up. I'll end up working tomorrow, I guess. Sorry.