sync: auto-sync from GURU-5070 at 2026-07-17 05:35:10
Author: Mike Swanson Machine: GURU-5070 Timestamp: 2026-07-17 05:35:10
This commit is contained in:
@@ -19,6 +19,10 @@ Categories (the `[type]` tag): _(none)_ = skill/command execution failure ·
|
||||
|
||||
<!-- Append entries below this line -->
|
||||
|
||||
2026-07-17 | GURU-5070 | remediation-tool/exchange | [correction] Repeatedly used investigator-exo tier for Exchange REST -> 401 on every adminapi call (Security Investigator app lacks Exchange.ManageAsApp). Correct tier is exchange-op (only app with both Exchange.ManageAsApp + Exchange Admin role). Mike's 6th time hitting this. Fixed docs (SKILL.md, gotchas.md) + user-breach-check.sh (was using investigator-exo -> mailbox delegate/forwarding checks silently returned empty on every breach check) + memory reference_exchange_online_exchangeop_tier. [ctx: tenant=azcomputerguru.com ref=reference_exchange_online_exchangeop_tier]
|
||||
|
||||
2026-07-17 | GURU-5070 | vault/secret-echo | [friction] grep filter to redact vault output missed the JSON field 'private_key' (filter had 'key:' with colon + 'apikey', not bare 'private_key') -> SA private key printed to transcript. Fix: when displaying vault entries, allowlist known plaintext fields (name/status/username/notes/url) instead of denylisting secret patterns; or pipe through 'sops -d' with an explicit field select. [ctx: ref=vault-skill file=msp-tools/acg-msp-access-google-workspace.sops.yaml]
|
||||
|
||||
2026-07-16 | GURU-BEAST-ROG | syncro/comment | [friction] POST /tickets/{id}/comment response failed jq parse even after tr control-char strip; comment DID post (verified via GET) - check-first rule prevented duplicate [ctx: ticket=32557]
|
||||
|
||||
2026-07-15 | Howard-Home | msp360/backups | [correction] assumed LAB-SVR (Len's Auto) is a live machine needing attention; correct is LAB-SVR was RETIRED and replaced by LAB-SERVER — repeated correction from Howard
|
||||
|
||||
Reference in New Issue
Block a user