sync: auto-sync from HOWARD-HOME at 2026-07-04 17:49:31

Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-07-04 17:49:31
This commit is contained in:
2026-07-04 17:49:58 -07:00
parent 6d36f7151c
commit 21b198f1ee
3 changed files with 23 additions and 13 deletions

View File

@@ -207,7 +207,7 @@
- [Windows won't-boot / offline DISM repair playbook](windows-offline-dism-repair-gotchas.md) — Automatic Repair loop = boot-critical fault (disk/registry/wedged update), NOT shell/appx store corruption (that's a symptom); `FaultyPackageInProgress` + 100s of Install/Uninstall-Pending packages = wedged CU -> RevertPendingActions or clean install. Offline DISM rejects `wim:` source (0x800f082e) -> MOUNT the wim, source `\Windows`. Ventoy breaks WIM mount (0xc1420134) -> use Rufus. 25H2(26200)=24H2(26100)+enablement, so match 26100 media. First hit: Four Paws AvImark #32447.
- [365 app suite — authoritative map + consent-drift fix](reference_365_app_suite.md) — full map in `.claude/skills/remediation-tool/references/app-suite.md`; per-tenant consent is NOT uniform (VWP had the app but no SharePoint role). Run `consent-audit.sh <tenant|--all>` to detect gaps; fix via adminconsent URL or direct appRoleAssignment grant.
- [Remediation-tool has full M365 access (incl. SharePoint)](reference_remediation_tool_365_access.md) — the app suite covers Graph/EXO/Defender/SharePoint; don't declare "no access" on an accessDenied. SharePoint app-only needs a CERT (secret = "Unsupported app only token"); use get-token.sh `sharepoint`/`sharepoint-admin` tiers + CSOM admin API (Graph /admin/sharepoint/settings scope not held). Full map: skill references/app-permissions-and-sharepoint.md.
- [AV migration: Bitdefender -> Datto EDR](project_av_migration_bitdefender_to_edr.md) — retire Bitdefender fleet-wide except Dataforth; end-state per machine = GuruRMM + Datto EDR
- [AV migration: Bitdefender -> Datto EDR](project_av_migration_bitdefender_to_edr.md) — retire Bitdefender fleet-wide, ONLY exception Glaztech (Dataforth migrates); end-state per machine = GuruRMM + Datto EDR
- [RMM deploy via ScreenConnect](reference_rmm_deploy_via_screenconnect.md) — push GuruRMM agent to client workstations via SC send-command (SYSTEM), not DC remote-exec (DCOM/schtasks blocked on Win11 clients)
- [ScreenConnect custom-property slots](reference_screenconnect_custom_property_slots.md) — CP1=Company CP2=Site CP3=Department CP4=Device Type CP8=Tag (API hides labels; UpdateSessionCustomProperties replaces the whole array)
- [ScreenConnect cleanup uses wiki as source](feedback_screenconnect_cleanup_wiki_source.md) — per-client SC/RMM metadata cleanup pulls machine->dept/location from the client wiki; enrich the wiki when missing

View File

@@ -1,24 +1,32 @@
---
name: project_av_migration_bitdefender_to_edr
description: AV strategy — migrate all clients from Bitdefender to Datto EDR, except Glaztech and Dataforth
description: AV strategy — migrate all clients from Bitdefender to Datto EDR; ONLY exception is Glaztech
metadata:
type: project
---
Standing AV direction (set by Howard 2026-07-03): ACG is moving endpoint AV/security
from **Bitdefender GravityZone -> Datto EDR** for **all clients EXCEPT Glaztech Industries
and Dataforth Corp** (those two stay on Bitdefender / handled separately).
Standing AV direction (Howard 2026-07-03, scope narrowed 2026-07-04): ACG is moving
endpoint AV/security from **Bitdefender GravityZone -> Datto EDR** for **all clients
EXCEPT Glaz-Tech Industries (glaztech)** — the ONLY client staying on Bitdefender.
**Dataforth migrates fully** (originally excepted; Howard removed the exception
2026-07-04 — Dataforth already runs 51 EDR agents with only 5 BD endpoints left:
D1-ENGI-006, DESKTOP-L2LE31M, DATAFORTH-PC, SURFACEOPS, MING-HP).
**Why:** consolidate on Datto EDR as the security plane; Bitdefender is being retired
fleet-wide (Glaztech + Dataforth are the two exceptions — both have large established
Bitdefender footprints: Glaztech ~242 endpoints, Dataforth managed separately).
fleet-wide. Glaztech keeps its large established Bitdefender footprint (~242 BD
endpoint records, vs 159 GPS-billed — count includes stale ghosts).
**How to apply:** whenever setting up or reconciling a client's endpoints (e.g. the
GPS->GuruRMM coverage audit), the target end-state per machine is: GuruRMM agent +
Datto EDR agent, and Bitdefender **removed**. Do NOT deploy new Bitdefender coverage.
Use existing Bitdefender inventory only as a discovery source for which machines exist
(its company names carry the Syncro CID `_NNNNN`, handy for mapping). Deploy Datto EDR
via `[[datto-edr]]` (create-group -> mint-key -> deploy-cmd, pushed through `/rmm`).
Datto EDR agent (AV on), and Bitdefender **removed**. Do NOT deploy new Bitdefender
coverage. Use existing Bitdefender inventory only as a discovery source for which
machines exist (its company names carry the Syncro CID `_NNNNN` suffix — exact join
key to Syncro customers). Deploy Datto EDR via `[[datto-edr]]` (create-group ->
mint-key -> deploy-cmd, pushed through `/rmm`).
Related: GPS->RMM audit tracker `projects/gps-rmm-audit/tracker.md`. Exceptions = Glaztech +
Dataforth (leave their existing AV alone; do not migrate them to EDR in this effort).
Migration scope quantified 2026-07-04 (tracker Phase 4): 27 clients / 141 BD
endpoints + Dataforth's 5. Datto EDR "Default RMM Org" holds ~35 unassigned agents
that belong to real clients (IMC x7, Russo x2, Len's, Rednour, Reliant, etc.) —
attribute them to proper orgs as part of the migration.
Related: GPS->RMM audit tracker `projects/gps-rmm-audit/tracker.md`.

View File

@@ -232,3 +232,5 @@ Little Hearts Little Hands(8), Ridgetop Group(3), Residential and Renovation Eng
**AV migration scope (task #5, BD->EDR excl Glaztech+Dataforth): 27 clients, 141 BD endpoints.**
Note: Glaz-Tech BD = 242 endpoints vs 159 GPS billed (feeds the #4 anomaly discussion).
Next Phase-4 chunk: backup verification (B2/MSP360 per client vs billed backup lines), then email.
**Scope update 2026-07-04 (Howard):** AV migration exception narrowed — **ONLY Glaztech stays on Bitdefender**. Dataforth migrates fully to EDR (already 51 EDR agents; remaining 5 BD endpoints to convert: D1-ENGI-006, DESKTOP-L2LE31M, DATAFORTH-PC, SURFACEOPS, MING-HP).