glaztech: Tom reply #2 (sent) + quo checklist + payroll/TimeForce answer logged

- 2026-06-05-tom-reply2-draft.md (SENT): web-DB rearchitecture ack, CVV-no-paper
  correction, key-backup/escrow guidance, least-priv sync-job note
- 2026-06-05-tom-quo-checklist.txt: clean 80-site quo() list sent to Tom
- session log: TimeForce 2005->2008->2016 payroll chain (load-bearing, preserve)
- guru-rmm submodule pointer -> dashboard redesign doc set (local)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-05 14:37:25 -07:00
parent 68298c8b70
commit 1aa9fcecad
4 changed files with 124 additions and 1 deletions

@@ -148,3 +148,26 @@ Offered: the quo() fix-list as a stored-proc conversion checklist; help defining
WAF + SQL network segmentation. Sequence: E4 service acct -> clean copy steps -> xp_cmdshell off ->
domain-admin rotation.
- Reference 58KB job dump: tool-results/b30gcchnr.txt (this session's transcript dir).
## Update — Tom's answer on the payroll/qqest cross-SQL-version chain (2026-06-05)
Resolves the Thread-1 question from the :3436 backup-job recon (was it vestigial?). It is NOT —
it's the **TimeForce** payroll bridge and it's load-bearing:
- **TimeForce** (hourly employee timestamps) runs on **SQL 2005**.
- Data path: **2005 -> 2008 -> 2016**. The 2008 hop is a required transition (can't go 2005 -> 2012+
directly); from 2008 it's pushed to the active **2016** instance that runs most processes. The
chain also doubles as an **active backup** of TimeForce.
- Can't run TimeForce directly on 2016: the program is too old (compatibility issues) AND they have
**no installation media** to reinstall it. So Tom built the multi-hop chain rather than risk
breaking hourly payroll.
- Tom: "deal with this after we get the website security all fixed up." Agreed — out of scope now.
**Implications for our work:**
- The cross-version sync jobs we saw on :3436 are this TimeForce chain — **preserve them**; do NOT
touch the 2005->2008->2016 flow during the E-bucket / backup-copy cleanup.
- Our backup-job fix (recreate the cleartext domain-admin `net use` COPY steps cleanly) is a
SEPARATE concern from the TimeForce payroll chain — keep them distinct.
**Future remediation item (PARKED, post-website, agreed with Tom):** SQL 2005 is long EOL/unpatched
and the app has no reinstall media — a real fragility + security liability. Candidate for a later
named project (modern time-clock or a supported re-platform), not now.
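
Review bot: The "Implications for our work" bullets say to preserve the 2005->2008->2016 sync jobs, but they do not say how to tell those jobs apart from the backup-copy jobs being recreated on the same :3436 instance, nor whether the chain depends on anything the planned sequence changes (xp_cmdshell off, domain-admin rotation). Suggest listing the job names or IDs that make up the TimeForce chain, and adding a line that their steps and run-as credentials were checked against that sequence before those steps are applied. In the parked remediation paragraph, "PARKED, post-website" leaves the EOL SQL 2005 instance with no recorded interim control; a note on whether the 2005 and 2008 hops fall inside the SQL network segmentation offered above would close that gap.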