Merge pull request #44 from Dakota-LM/main

Added MDM log retrieval process and additional launch config.
immense · Feb 1, 2025 · 38db0b8 · 38db0b8
2 parents f2c15c6 + 3fcb6be
commit 38db0b8
Show file tree

Hide file tree

Showing 2 changed files with 58 additions and 10 deletions.
diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -5,12 +5,26 @@
     "version": "0.2.0",
     "configurations": [
         {
+            "name": "Launch Edge against localhost",
             "type": "msedge",
             "request": "launch",
-            "name": "Launch Edge against localhost",
             "url": "http://localhost:5173",
             "webRoot": "${workspaceFolder}",
             "preLaunchTask": "serve",
+        },
+        {
+            "name": "Dev Docs - Live Server",
+            "type": "node-terminal",
+            "request": "launch",
+            "command": "yarn docs:dev",
+            "timeout": 3000,
+            "serverReadyAction": {
+                "pattern": ".*Local:.*:([0-9]{1,5}).*",
+                "action": "debugWithEdge",
+                "uriFormat": "http://localhost:%s",
+                "webRoot": "${workspaceFolder}",
+                "killOnServerStop": true
+            }
         }
     ]
 }
diff --git a/troubleshooting.md b/troubleshooting.md
@@ -1,6 +1,6 @@
-::: warning *ImmyBot's EV code-signing certificate is changing on Feb. 11th, 2025*
-Please see the [FAQ section for more details](https://docs.immy.bot/FAQ.html#what-should-i-do-about-immybot-s-upcoming-code-signing-certificate-change) on updating security exclusions.
-:::
+
+> [!WARNING] *ImmyBot's EV code-signing certificate is changing on Feb. 11th, 2025*
+> Please see the [FAQ section for more details](https://docs.immy.bot/FAQ.html#what-should-i-do-about-immybot-s-upcoming-code-signing-certificate-change) on updating security exclusions.
 
 ::: danger *ImmyBot no longer supports Windows 7, Server 2008 (or Server 2012 w/o [ESUs](https://learn.microsoft.com/en-us/windows-server/get-started/extended-security-updates-overview)) machines.*
 Please see the [FAQ section for more details](https://docs.immy.bot/FAQ.html#what-windows-versions-does-immyagent-support)
@@ -164,6 +164,9 @@ Your script path can be found under Settings->Preferences->Script Path
     - [SentinelOne](#sentinelone)
     - [DNSFilter](#dnsfilter)
     - [Group Policy Objects](#group-policy-objects)
+  - [Working With Support](#working-with-support)
+    - [Gather an Endpoint Trace Log](#gather-an-endpoint-trace-log)
+    - [MDMDiagnostics Logs](#mdmdiagnostics-logs)
 
 ### ThreatLocker
 
@@ -281,22 +284,53 @@ User Configuration | Policies | Administrative Templates | Windows Components |
 
 These GPOs have been known to cause issues with running scripts.
 
+
+
+## Working With Support
+
+Support Email:
+
+`[email protected]`
+
+
+Sometimes things go wrong and you just need to send in a support ticket. Here is some of the information they may need to help you out.
+
+
 ### Gather an Endpoint Trace Log
 
+
 Windows Performance Recorder can generate a detailed log of an endpoint's activity, which can be used to see most environmental causes for issues running the Immybot Agent.
 
-These can be resource intensive and can require 2-4 GB available RAM, depending on how active an endpoint is and how long a trace is running for.
+
+> [!NOTE]
+> These can be resource intensive and can require 2-4 GB available RAM, depending on how active an endpoint is and how long a trace is running for.
 
 1. From an elevated CMD prompt, run:
-```
-wpr -start CPU -start Minifilter -start FileIO -start Registry
+```bat
+wpr.exe -start CPU -start Minifilter -start FileIO -start Registry
 ```
 2. Recreate the issue.
 3. Wait 3-5 minutes, depending on the available RAM, and run:
+```bat
+wpr.exe -stop "C:\PerfLogs\examplefilename.etl" -compress
 ```
-wpr -stop c:\PerfLogs\examplefilename.etl -compress
+
+
+If the `wpr -stop` command fails, try running without "-compress"
+
+This ETL can be reviewed in Windows Performance Analyzer from the Windows Performance Toolkit SDK.
+
+### MDMDiagnostics Logs
+
+
+Issues with device enrollment occur often, and the possible reasons behind them are numerous. Logs from the MDMDiagnostics tool can help identify the root cause.
+
+1. From an elevated CMD Prompt, run:
+
+
+```bat
+MDMdiagnosticstool.exe -area "DeviceProvisioning;DeviceEnrollment" -cab "C:\Temp\MDMDiag_Log.cab"
 ```
-If the wpr -stop command fails, try running without "-compress"
 
-This ETL can be reviewd in Windows Performance Analyzer from the Windows Performance Toolkit SDK.
+2. The cab file may be too large to email, so you can create a cloud share and send the link to `[email protected]`.