diff --git a/.claude/memory/MEMORY.md b/.claude/memory/MEMORY.md index ba8696f7..caa1b1eb 100644 --- a/.claude/memory/MEMORY.md +++ b/.claude/memory/MEMORY.md @@ -209,3 +209,4 @@ - [AV migration: Bitdefender -> Datto EDR](project_av_migration_bitdefender_to_edr.md) — retire Bitdefender fleet-wide except Dataforth; end-state per machine = GuruRMM + Datto EDR - [RMM deploy via ScreenConnect](reference_rmm_deploy_via_screenconnect.md) — push GuruRMM agent to client workstations via SC send-command (SYSTEM), not DC remote-exec (DCOM/schtasks blocked on Win11 clients) - [ScreenConnect custom-property slots](reference_screenconnect_custom_property_slots.md) — CP1=Company CP2=Site CP3=Department CP4=Device Type CP8=Tag (API hides labels; UpdateSessionCustomProperties replaces the whole array) +- [ScreenConnect cleanup uses wiki as source](feedback_screenconnect_cleanup_wiki_source.md) — per-client SC/RMM metadata cleanup pulls machine->dept/location from the client wiki; enrich the wiki when missing diff --git a/.claude/memory/feedback_screenconnect_cleanup_wiki_source.md b/.claude/memory/feedback_screenconnect_cleanup_wiki_source.md new file mode 100644 index 00000000..69478d50 --- /dev/null +++ b/.claude/memory/feedback_screenconnect_cleanup_wiki_source.md @@ -0,0 +1,23 @@ +--- +name: feedback_screenconnect_cleanup_wiki_source +description: ScreenConnect/RMM machine-metadata cleanup uses the client wiki as source of truth; enrich the wiki when info is missing +metadata: + type: feedback +--- + +For the ScreenConnect session-hygiene + RMM-site cleanup (per client: normalize Company, +set Site/Department/Device Type/Tag, fix RMM sites, dedup) — **the client wiki is the primary +source of truth for machine -> department / person / location.** (Howard, 2026-07-03.) + +**Why:** the wiki already carries person->machine->department maps (e.g. Cascades: Ashley +Jensen->Accounting on DESKTOP-U2DHAP0, Shelby Trozzi->MemCare Director on MDIRECTOR-PC), so +department/site can be derived from it rather than guessed. + +**How to apply, per client:** +1. Pull the machine metadata from the client wiki FIRST (`wiki/clients/.md` + its source docs), then hostname role tokens, then UniFi switch/AP building/area names. +2. Where a machine's department/location is NOT in the wiki, **learn it (ask the user / investigate) and UPDATE the wiki** with the finding — so the wiki becomes the durable record and the next pass is easier. +3. Slot mapping = [[reference_screenconnect_custom_property_slots]] (CP1 Company, CP2 Site, CP3 Department, CP4 Device Type, CP8 Tag). Match each client's EXISTING vocabulary (e.g. Cascades uses Device Type "Desktop"/"Laptop"/"Server", not "Workstation"; Dataforth uses "Workstation"). +4. UniFi placement: Dataforth = cloud UDM via Site Manager connector; Cascades = UOS controller. AP/switch names are building/area-coded. Related: [[project_av_migration_bitdefender_to_edr]], GPS->RMM audit `projects/gps-rmm-audit/tracker.md`. + +Done so far: Dataforth (D1/D2 sites split + tags), Cascades (single-site + departments). Remaining +per-client unknowns get filled from the wiki as we walk each machine; wiki gets updated when it doesn't have it. diff --git a/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md b/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md index a6ceba8c..dac284f9 100644 --- a/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md +++ b/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md @@ -141,3 +141,11 @@ Phase B Part 1: set Device Type (CP4) on all 51 (Server/Laptop/Workstation from Phase B Part 2 (D1/D2 site via UniFi): Dataforth is cloud UDM-Dataforth (host id D021F96C10F9...:1721816512), reachable via Site Manager connector. Its switches/APs are BUILDING-NAMED (D1 Engineering, D1-Server Room, D2-SMT, D2-Breakroom, etc.). Pulled full stat/device + stat/sta directly (gw-sitemanager 'net raw' caps output at [:5000] - bypass by curling api.ui.com /v1/connector/consoles//proxy/network/api/s/default/stat/{device,sta} with the vaulted key services/unifi-site-manager). Mapped each client's uplink sw_mac/ap_mac -> device name -> building. Set Site on 21 more machines (total 40/51: 19 prefix + 21 UniFi). 9 still blank = offline (not in live UniFi client list): AD1, SAGE-SQL, QCInspection, DFASLB0519, Dforthpc18, LAPTOP-RD47E88A, DESKTOP-AH0SLT7/-FT0T4MK/-SA4N14M. Dataforth SC remaining come-back: 21 Departments, 9 Sites (offline), Tag (CP8) convention, eng-dev-server duplicate (manual console removal - API can't delete sessions). Then repeat the whole SC cleanup for the other worked clients. + +## Update: 20:40 PT — Cascades ScreenConnect cleanup + Dataforth RMM site fix + +Dataforth RMM sites: created a D2 site (id ed1d28c7-3f22-4578-a3f8-cabe6100382a, code UPPER-FALCON-1529) under client c9242164-8e66-43ba-b9e8-84520d096562 and moved 26 machines off the lumped D1 (POST /api/agents/:id/move {site_id}) using the corrected SC Site (CP2) as source of truth. Now D1:25 / D2:26. 12 unmapped (offline) left on D1 for come-back. + +Cascades (next client, single campus, department-focused): normalized Company -> 'Cascades of Tucson' (was Cascades of Tucson 24 / Cascades 6 / blank 1); set Device Type on all (matched Cascades' existing 'Desktop'/'Laptop'/'Server' vocab, NOT Dataforth's 'Workstation'); set Department on 24 from hostname roles + the WIKI person->machine map (wiki/clients/cascades-tucson.md maps e.g. Ashley Jensen->Accounting DESKTOP-U2DHAP0, Chris Knight->Accounting DESKTOP-N5G1ROO, Shelby Trozzi->MemCare MDIRECTOR-PC, Sharon Edwards->Life Enrichment DESKTOP-DLTAGOI, caregiver laptops Laptop2/DRQ5L558/E0STJJE8->Nursing); fixed 'Accouting' typo. 9 departments still unknown (ANN-PC, ASSISTMAN-PC, megan, Laptop4, LAPTOP-8P7HDSEI, DESKTOP-F94M8UT/-LPOPV30/-MD6UQI3/-ROK7VNM). RECEPTIONIST-PC dup (2 RMM agents + 2 SC sessions) needs manual console removal + investigation. 2 no SC session: DESKTOP-KQSL232 (Lois Lane/CareTakers EOL), Health-Services-Director. + +Workflow captured (memory feedback_screenconnect_cleanup_wiki_source): SC/RMM cleanup uses the client wiki as source of truth for machine->dept/location; where missing, enrich the wiki as we learn. Next sites ranked earlier: Valley Wide (cloud UDM), Grabb/Russo (small multi-site + UniFi); Safesite deferred (no UniFi, mobile fleet).