sync: auto-sync from GURU-5070 at 2026-06-07 20:52:31

Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-06-07 20:52:31

clients/wolkin/session-logs/2026-06-07-mike-wolkin-clientfiles-printshare.md

@@ -0,0 +1,136 @@
+# Wolkin Law — Client Files share corrected + Sharp print share over ZeroTier
+
+## User
+- **User:** Mike Swanson (mike)
+- **Machine:** GURU-5070
+- **Role:** admin
+
+## Session Summary
+
+Continued Wolkin Law remote-access work from GURU-5070 (the Mac did the initial
+ZeroTier/SMB/M365 setup earlier 2026-06-07). Two fixes: the Client Files share was
+pointing at the wrong folder, and the office printer share to Julie's remote laptop
+was not working.
+
+**Client Files share corrected.** The `\\FRONT\ClientFiles` SMB share was live-
+pointed at `C:\Users\Owner\OneDrive\Documents\PRodriquezClients` (a single client's
+18-file folder), not the firm repository. Searched FRONT and Bob's desktop
+(DESKTOP-V1JT1SE) via RMM for the real all-client-data folder. Found it:
+`C:\Users\Owner\OneDrive\Documents` — 181 client/matter subfolders (+ a "Closed
+Files" folder with 97 more) — identical on both machines (the `Owner` OneDrive
+account syncs to both, so it is the shared library both see). Repointed
+`\\FRONT\ClientFiles` to `OneDrive\Documents`, granted `front\julie` NTFS
+FullControl (inherited). Share name kept "ClientFiles" so Julie's existing shortcut
+resolves unchanged. Mike confirmed full access to the entire repository is the
+intent.
+
+**Sharp print share over ZeroTier.** Confirmed the device is a Sharp MX-B557F
+(driver "Sharp Universal v2 XL") at office LAN IP 192.168.1.158 — every prior
+reference to a RICOH (and to 172.17.110.110) was a phantom from unrelated temp
+files. FRONT and Bob's desktop both print to this Sharp. Ran a 3-way consensus
+(Claude + Grok + Agy/Gemini) on the approach: print-SERVER share `\\FRONT\Sharp`
+over ZeroTier (subnet routing rejected); move FRONT's Sharp from its flaky WSD port
+to a Standard TCP/IP port; connect the laptop via the ZeroTier IP (hosts already
+maps FRONT -> 10.147.19.199); disable Bidirectional Support if the driver auto-
+config balks (Agy's catch); verify the ZeroTier interface is Private.
+
+**Root cause of the print failure:** the ZeroTier interface was classified **Public**
+on BOTH FRONT and RSW-Laptop. Windows "File and Printer Sharing" inbound rules
+(including the Print Spooler RPC) are enabled for the **Private** profile only, so
+print/RPC over ZeroTier was blocked even though file SMB worked. Set both ends to
+Private; enabled File and Printer Sharing; moved FRONT's Sharp to TCP/IP
+192.168.1.158:9100 (ping + TCP 9100 confirmed reachable). The automated laptop-side
+`Add-Printer` from Julie's session failed with SMB error 67 / RPC 1702 (IPC$ over
+the ZT IP would not bind despite 445 being open); Mike completed the laptop-side
+`\\FRONT\Sharp` connection manually. Cleared 3 stuck jobs from FRONT's Sharp queue.
+
+## Key Decisions
+
+- Repointed the share to the FULL `OneDrive\Documents` repository (181 matters +
+  closed files) rather than a curated subset — Mike confirmed full assistant access
+  is intended.
+- Print-server share (`\\FRONT\Sharp`) over ZeroTier, NOT a managed subnet route —
+  unanimous 3-AI consensus (simpler, more secure, uses proven SMB transport).
+- WSD -> Standard TCP/IP 9100 on FRONT for the shared printer (WSD is unreliable for
+  a server share to remote clients).
+- Connect via the ZeroTier IP / hosts-mapped name, not a bare `\\FRONT` that could
+  resolve to the dead LAN IP.
+
+## Problems Encountered
+
+- **ZeroTier interface = Public** on both machines blocked the print-spooler RPC
+  (File and Printer Sharing rules are Private-only). Fixed: set Private both ends.
+  This was the actual reason printing failed while file sharing worked.
+- **Live share path was wrong** (`...\Documents\PRodriquezClients`, a single client)
+  — not even the `Shared Data\CLIENT FILES` the Mac's notes recorded. Repointed to
+  the real `OneDrive\Documents` repo.
+- **Wiki had the wrong office LAN** (172.17.110.0/24). FRONT's Ethernet is actually
+  192.168.1.153/24; the printer is 192.168.1.158. The 172.17.110.110 "RICOH" port on
+  FRONT is an orphan with no device.
+- **Automated laptop printer add failed** (SMB error 67 / RPC 1702 from Julie's
+  session even with 445 reachable). Mike finished the laptop connection by hand.
+- **Client-slug fragmentation:** this one client is recorded under three slugs —
+  `clients/wolkin/`, `clients/wolkin-law/`, `clients/rswolkin/` (+ wiki
+  `wolkin.md`, `wolkin-law.md`, `robert-wolkin.md`). Worth consolidating.
+
+## Configuration Changes
+
+GuruRMM-dispatched changes (no repo code changes):
+- FRONT (`877d311a-4b24-462c-97b1-d2a0f7730a71`): repointed SMB share `ClientFiles`
+  -> `C:\Users\Owner\OneDrive\Documents`; `icacls` grant `front\julie:(OI)(CI)F`;
+  added Standard TCP/IP printer port `IP_192.168.1.158` (192.168.1.158:9100);
+  `Set-Printer -Name Sharp -PortName IP_192.168.1.158`; ZeroTier interface
+  Public -> Private; enabled "File and Printer Sharing" firewall group; cleared 3
+  stuck print jobs.
+- RSW-Laptop (`043fd673-35a2-4d3d-8f91-ed73ce70cc1e`): ZeroTier interface
+  Public -> Private. (Printer connection completed manually by Mike.)
+
+## Credentials & Secrets
+
+- `front\julie` local account password: `Jaylen0607!` (set manually via ScreenConnect
+  per the prior session; the RMM agent silently fails to set passwords — see
+  `feedback_rmm_password_limitation.md`). Used to auth laptop->FRONT for the share.
+  (Should be migrated to vault `clients/wolkin/`.)
+
+## Infrastructure & Servers
+
+- Office LAN: **192.168.1.0/24** (corrected from 172.17.110.x).
+- FRONT (office PC / print server): Ethernet 192.168.1.153/24, ZeroTier 10.147.19.199.
+- Sharp MFP: **Sharp MX-B557F**, driver "Sharp Universal v2 XL", IP 192.168.1.158,
+  raw TCP 9100. Shared as `\\FRONT\Sharp`.
+- RSW-Laptop (Julie): ZeroTier 10.147.19.54; hosts entry `10.147.19.199 FRONT`.
+- DESKTOP-V1JT1SE (Bob's desktop): also syncs the `Owner\OneDrive\Documents` repo.
+- ZeroTier network: `17d709436c834c9b`. M365 tenant: rswolkin.com.
+
+## Commands & Outputs
+
+- Real client repo: `C:\Users\Owner\OneDrive\Documents` = 181 subfolders (both
+  machines). Old share target `...\Documents\PRodriquezClients` (18 files).
+- FRONT printer move: `Add-PrinterPort -Name IP_192.168.1.158 -PrinterHostAddress
+  192.168.1.158 -PortNumber 9100`; `Set-Printer -Name Sharp -PortName ...`.
+- ZeroTier fix: `Set-NetConnectionProfile -InterfaceAlias 'ZeroTier*' -NetworkCategory
+  Private` (was Public on both ends).
+- Laptop add failure: `Add-Printer -ConnectionName \\FRONT\Sharp` -> "specified
+  server does not exist..."; `net use \\10.147.19.199\IPC$` -> System error 67;
+  `net view` -> 1702 (binding handle invalid). Connectivity (ping/445) was fine.
+- Queue clear: removed jobs id 24/26/53 on Sharp -> 0 jobs, spooler running.
+
+## Pending / Incomplete Tasks
+
+- Confirm Julie can print a real test page to the Sharp end-to-end (Mike completed
+  the connection; physical confirmation pending).
+- If the Sharp driver UI hangs/"status unavailable" on the laptop, disable
+  Bidirectional Support (Printer Properties > Ports) per Agy's recommendation.
+- Migrate `front\julie` password + Wolkin creds to vault `clients/wolkin/`.
+- **Consolidate the three Wolkin client slugs** (wolkin / wolkin-law / rswolkin) into
+  one canonical slug.
+- Update `wiki/clients/wolkin.md` Network section (office LAN is 192.168.1.0/24, not
+  172.17.110.x; printer is Sharp MX-B557F @ 192.168.1.158).
+
+## Reference Information
+
+- Syncro ticket #32369 (Remote Work Access Setup).
+- Agents: FRONT 877d311a-4b24-462c-97b1-d2a0f7730a71; RSW-Laptop
+  043fd673-35a2-4d3d-8f91-ed73ce70cc1e; DESKTOP-V1JT1SE
+  30f6af79-ab19-4ed3-9ebc-71b2bffc2d27.
+- 3-AI consult brief: `.claude/tmp/wolkin-print-brief.txt`.