sync: auto-sync from GURU-5070 at 2026-06-27 04:42:51
Author: Mike Swanson Machine: GURU-5070 Timestamp: 2026-06-27 04:42:51
This commit is contained in:
@@ -191,3 +191,96 @@ mailboxes, mail + calendar + contacts) was created and auto-started — Status:
|
||||
- RMM install one-liner (BirthBio site): `irm https://rmm.azcomputerguru.com/install/BRIGHT-PEAK-5980/windows | iex`.
|
||||
- Discord DMs to Mike: message_id 1520034139900739627 (initial DWD), 1520055625302675537 (corrected 5-scope).
|
||||
- Vault enrollment key: `clients/birth-biologic/gururmm-site-main` (site BRIGHT-PEAK-5980, id 3b20ef97-…).
|
||||
|
||||
---
|
||||
|
||||
## Update: 04:42 PT (2026-06-27) — Datto->SharePoint delta completion, Quality recovery, April-vs-now reconcile, ticket #32187 billed
|
||||
|
||||
Continuation of the same session. Covers the SharePoint side: completing the additive delta, recovering an
|
||||
accidentally-deleted Quality site, reconciling SharePoint to match Datto (source of truth), freezing the
|
||||
Datto source, and updating/billing the Datto migration ticket.
|
||||
|
||||
### Session Summary (update)
|
||||
|
||||
After ACG-DWP-X-BB finished re-syncing with Datto cloud, ran the **Datto -> SharePoint delta**. The April
|
||||
SPMT run was additive and never re-synchronized, so the delta only needed to add files that had never
|
||||
transferred. Built `delta-recon-v2.ps1` (sanitize-aware reconcile: matches on both raw and sanitized
|
||||
paths to find GENUINELY_MISSING files) and `delta-upload-v3.ps1` (simple-PUT for <=244MB auto-creating
|
||||
parent folders, EnsureFolder + chunked for larger, FileShare.ReadWrite shared reads for Datto-locked
|
||||
files, long-path `\\?\` for [IO.File] reads, SanRemote trim of leading/trailing spaces + trailing dots).
|
||||
Reconciled to **0 missing** across Supply Management, Admin, Birth Biologic Activity Reports, Donor
|
||||
Services (107 GB / ~57K files), and Quality. Renamed 19 Datto source files to match SharePoint (stripped
|
||||
leading/trailing spaces + trailing dots).
|
||||
|
||||
**Quality site recovery.** The Quality Department SharePoint site was deleted 6/26. Unified audit log
|
||||
showed `operations@` deleted the connected M365 Group, which cascaded (AAD -> SharePoint sync) to remove
|
||||
the site. Restored from the SharePoint deleted-site recycle bin (cert-based app token; SP REST rejects
|
||||
app-only tokens). Since Quality is being reorganized into the **Quality Systems Department (QSD)** site,
|
||||
relocated the migrated Quality content there via server-side copy, then filled 44 missing + 3 file-lock
|
||||
stragglers. Old `/sites/QualityDepartment` auto-purges ~7/26.
|
||||
|
||||
**April-vs-now divergence + mirror.** Because the April push was additive (not a sync), anything deleted,
|
||||
moved, or changed in Datto after April was stale in SharePoint. Treating Datto as source of truth, built
|
||||
a consolidated change-list (`consolidated_changelist.csv`): **1,583 deleted/moved + 161 modified (~1,744
|
||||
differences)**. Cross-checked the SP unified audit log to find files users had created/edited directly in
|
||||
SharePoint (operations@, ksteen, jbeck, etc. on live sites) and **flagged 11 to protect**. Ran
|
||||
`mirror-execute.ps1` (re-validates each row against a frozen Datto set, DELETEs stale by path-addressed
|
||||
Graph DELETE -> recycle bin, refreshes modified via PUT, skips protected): **deleted=1,564, refreshed=160,
|
||||
protected-skip=11, fail=0**. For the 1 modified protected file, pushed the Datto version beside the user's
|
||||
edit as "...Datto Copy.docx"; the 10 deleted/moved protected are SP-only (no Datto copy) -> left as-is.
|
||||
|
||||
**Froze the source.** Stopped + disabled the Datto Workplace Server service on ACG-DWP-X-BB so the source
|
||||
no longer changes (also resolves the "reappearing files" complaint by removing the stale SP copies).
|
||||
|
||||
**Ticket #32187 (Datto, Syncro 109277420).** Posted a highly-detailed public+email completion/remediation
|
||||
note and billed **5.0h Labor - Remote Business ($150/hr = $750)**. Posted #bot-alerts notifications.
|
||||
|
||||
### Key Decisions (update)
|
||||
|
||||
- **Datto = source of truth** for the reconcile; SharePoint mirrored to it. Deletes go to the SP recycle
|
||||
bin (recoverable 93 days), never hard-deleted.
|
||||
- **Protect user-touched SP files** — never overwrite/delete the 11 flagged via audit log; for the one
|
||||
edited file, keep both (Datto pushed as "Datto Copy") rather than overwrite.
|
||||
- **Relocate Quality content to QSD** rather than rebuild under the restored old site, matching the planned
|
||||
reorg; let the old site auto-purge.
|
||||
- **Root-cause correction (Mike):** the "reappearing" files were NOT a Datto resurrection. They were stale
|
||||
SP copies sitting in SharePoint since the April additive push (files deleted from Datto after April were
|
||||
never removed from SP). Rewrote the ticket note's root-cause section accordingly.
|
||||
|
||||
### Problems Encountered (update)
|
||||
|
||||
- **SP REST "Unsupported app only token"** -> SharePoint requires a cert-based token; granted
|
||||
Sites.FullControl.All and used a client_assertion JWT (x5t = cert thumbprint b64url). Fixed.
|
||||
- **Chunked-upload 400 into brand-new folders** -> switched to simple-PUT (auto-creates parents). Fixed.
|
||||
- **Long-path SKIP-nofile** -> `\\?\` prefix for [IO.File] reads (not for Rename-Item/File.Move in PS5.1).
|
||||
- **Filename 400s** = leading/trailing spaces / trailing dots -> SanRemote trim; renamed 19 source files.
|
||||
- **Datto file-locks** -> FileShare.ReadWrite shared read. Fixed.
|
||||
- **Background poller broke** (curl --data-binary @file errored each iteration due to $0-relative temp paths
|
||||
under run_in_background) -> read the mirror log directly instead. Logged as friction.
|
||||
- **bot-alert missing link** -> first #bot-alerts post for #32187 omitted the mandated `-> <link>` tail; the
|
||||
helper posts text verbatim and does not auto-append. Reposted correctly + logged friction.
|
||||
|
||||
### Configuration Changes (update)
|
||||
|
||||
- Created on ACG-DWP-X-BB / scratchpad: `delta-recon-v2.ps1`, `delta-upload-v3.ps1`, `mirror-execute.ps1`,
|
||||
`consolidated_changelist.csv`, divergence CSVs, `mirror-execute.log`.
|
||||
- Stopped + disabled Datto Workplace Server service on ACG-DWP-X-BB.
|
||||
- Renamed 19 Datto source files (whitespace/trailing-dot cleanup) under
|
||||
`C:\Users\Public\Desktop\Datto Workplace Server Projects`.
|
||||
|
||||
### Pending / Incomplete Tasks (update)
|
||||
|
||||
- **Mail:** MX cutover still pending (Batch 1 complete). Then authorize Workspace write scopes
|
||||
(apps.licensing + admin.directory.user + Licensing API), unlicense migrated Google users, run Batch 2.
|
||||
- **SP-only user files** (Shift Coms / DEMO and similar) — decide whether to fold into Datto.
|
||||
- Old `/sites/QualityDepartment` auto-purges ~7/26 (no action needed).
|
||||
|
||||
### Reference Information (update)
|
||||
|
||||
- Datto migration ticket: #32187 (Syncro id 109277420). Comment id 420992239 (public+email);
|
||||
line item id 43043687 (5.0h Labor - Remote Business, product 1190473, $150).
|
||||
- #bot-alerts: message_id 1520266361996316802 (corrected, with link).
|
||||
- SP site IDs — Donor: `birthbiologic.sharepoint.com,bcbfa272-dc85-424c-af66-3f14c75ffeb4,8b0975dd-...`;
|
||||
Admin: `...,1baf65c1-c4b3-4602-9111-1f99ae800023,...`; Supply: `...,4700ecf3-25ba-41b6-918c-9fe620038172,...`;
|
||||
QSD: `...,3173c017-58bd-406a-8858-2c969667336f,...`.
|
||||
- Tenant 19a568e8-9e88-413b-9341-cbc224b39145; Graph app client 709e6eed-0711-4875-9c44-2d3518c47063.
|
||||
|
||||
Reference in New Issue
Block a user