From 63e1eb743b72a3952dea0e8f44ac3fc27dc99f50 Mon Sep 17 00:00:00 2001 From: Howard Enos Date: Fri, 3 Jul 2026 19:31:29 -0700 Subject: [PATCH] sync: auto-sync from HOWARD-HOME at 2026-07-03 19:30:59 Author: Howard Enos Machine: HOWARD-HOME Timestamp: 2026-07-03 19:30:59 --- ...026-07-03-howard-gps-rmm-coverage-audit.md | 12 +++++ .../tools/bucketc-onboard-deploy.sh | 46 +++++++++++++++++++ projects/gps-rmm-audit/tracker.md | 28 +++++++++++ 3 files changed, 86 insertions(+) create mode 100644 projects/gps-rmm-audit/tools/bucketc-onboard-deploy.sh diff --git a/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md b/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md index 941e185f..c073d700 100644 --- a/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md +++ b/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md @@ -91,3 +91,15 @@ Key findings: Come-back pass items (recorded in tracker.md): Safesite re-siting from Unknown -> Bell/Glendale; Safesite under-billing reconcile; Grabb ~3 no-SC machines + HOMEPC site; IMC-L1-GRAPHICS; billing flags to Winter (Jimmy/Stamback/Glaz-Tech + AMT/Cascades/Len's backups); Bucket C (25 clients) need /rmm onboard before deploy. Site codes used this session: IMC INNER-BRIDGE-8354; Horseshoe GOLD-OCEAN-4982; QWM GREEN-CLOUD-1199; Safesite Unknown LIGHT-CLOUD-3585 (Bell RED-HAWK-6595, Glendale SWIFT-OCEAN-8321); Grabb Main LIGHT-PEAK-6399 (Bob's House LIGHT-GATE-7086, Jeff's House UPPER-FALCON-8240). + +## Update: 17:45 PT — Bucket C onboard + deploy + +Wrote a reusable helper `projects/gps-rmm-audit/tools/bucketc-onboard-deploy.sh` (onboard RMM client+site -> vault key -> deploy agent via ScreenConnect to BD-company machines with SC sessions). Ran it across Bucket C. + +Onboarded 16 new GuruRMM clients (client+site created, enrollment key vaulted at clients//gururmm-site-main.sops.yaml) and deployed ~44 agents via ScreenConnect: Reliant (CALM-HAWK-3954, 4), Curtis Plumbing (SILVER-WOLF-6785, 4), PUTT Land Surveying (EAST-CASTLE-3313, 3), Prairie Schooner (UPPER-HARBOR-4168, 3), T & C Sorensen (IRON-FORGE-1700, 4), Zeus Nestora (GREEN-TIGER-6194, 3), Brett Interiors (IRON-EAGLE-4784, 4), Bill Tedards (CALM-PEAK-4628, 2 from Datto), Design and Brand Envoys (SOUTH-STAR-8736, 3), Heieck (WILD-MOON-9773, 0 - no SC), Multicultural Counseling (EAST-OCEAN-2818, 3), MVAN (LOWER-FORGE-6736, 1), The Marc Group (SILVER-OCEAN-6422, 2), Mineralogical Record (BLUE-MOON-8542, 5 BD+Datto), Pro-Tech Services (INNER-GATE-4746, 2, pre-existing), Inside Track (CALM-GATE-2273, 1). + +Discovery source = Bitdefender company, falling back to Datto EDR where BD is empty (Bill Tedards, Mineralogical extras). Bash tool default timeout is 2 min; raise to up to 600000ms for long batches (the 10-client batch was cut off and finished separately - the helper's existing-client guard made re-runs idempotent). + +Not onboarded (no BD/Datto machines found - come-back to locate or confirm unmanaged): Little Hearts, Janet Altschuler, Business Services of Tucson, Andy's Mobile Fuel, Gary A Hartman LLC, Marty Ryan, Residential and Renovation Engineering, Ridgetop Group, Robyn Pittman. + +Reliant caveat: its BD company mixes Reliant + Farwest (FW*) + Wilcox (WILCOX*) - only Reliant machines targeted. diff --git a/projects/gps-rmm-audit/tools/bucketc-onboard-deploy.sh b/projects/gps-rmm-audit/tools/bucketc-onboard-deploy.sh new file mode 100644 index 00000000..036c85a8 --- /dev/null +++ b/projects/gps-rmm-audit/tools/bucketc-onboard-deploy.sh @@ -0,0 +1,46 @@ +#!/usr/bin/env bash +# bucketc-onboard-deploy.sh <"Client Name"> +# Onboards a GuruRMM client+site, vaults the key, then deploys the agent to every +# machine in the client's Bitdefender company that has a ScreenConnect session. +# Part of the GPS->RMM coverage audit (Bucket C). Idempotent guard on existing client. +set -u +ROOT="${CLAUDETOOLS_ROOT:-/c/claudetools}"; VR="D:/vault" +NAME="$1"; BDC="$2"; SLUG="$3" +GZ="bash $ROOT/.claude/scripts/py.sh C:/claudetools/.claude/skills/bitdefender/scripts/gz.py" +SC="bash $ROOT/.claude/scripts/py.sh C:/claudetools/.claude/skills/screenconnect/scripts/sc.py" +eval "$(bash $ROOT/.claude/scripts/rmm-auth.sh 2>/dev/null)" >/dev/null + +EX=$(curl -s "$RMM/api/clients" -H "Authorization: Bearer $TOKEN" | tr -d '\000-\037' | jq -r --arg n "$NAME" '.[]|select(.name|ascii_downcase==($n|ascii_downcase))|.id') +if [ -n "$EX" ]; then echo "[$NAME] already a client ($EX) — skipping onboard"; CID="$EX"; + SC_CODE=$(curl -s "$RMM/api/clients/$CID/sites" -H "Authorization: Bearer $TOKEN" | tr -d '\000-\037' | jq -r '.[0].site_code'); SID_SITE=""; +else + CID=$(curl -s -X POST "$RMM/api/clients" -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" --data-binary "{\"name\":\"$NAME\"}" | tr -d '\000-\037' | jq -r '.id') + RESP=$(curl -s -X POST "$RMM/api/sites" -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" --data-binary "{\"client_id\":\"$CID\",\"name\":\"Main\"}" | tr -d '\000-\037') + SID_SITE=$(echo "$RESP" | jq -r '.site.id'); SC_CODE=$(echo "$RESP" | jq -r '.site.site_code'); AKEY=$(echo "$RESP" | jq -r '.api_key') + echo "[$NAME] onboarded: site_code=$SC_CODE" + T="$VR/clients/$SLUG/gururmm-site-main.sops.yaml"; mkdir -p "$(dirname "$T")" + cat > "$T" </dev/null && echo "[$NAME] vaulted (clients/$SLUG/gururmm-site-main.sops.yaml)" +fi + +ENC=$(py -c "import base64;print(base64.b64encode(\"irm 'https://rmm.azcomputerguru.com/install/$SC_CODE/windows'|iex\".encode('utf-16-le')).decode())") +CMD="powershell -NoProfile -ExecutionPolicy Bypass -EncodedCommand $ENC" +MACHINES=$($GZ endpoints --company "$BDC" 2>/dev/null | grep -E '^ [0-9a-f]{24}' | awk '{print $2}' | sort -u) +sent=0; nosc=0 +for h in $MACHINES; do + SID=$($SC raw --method GetSessionsByName --body "{\"sessionName\":\"$h\"}" 2>/dev/null | tr -d '\000-\037' | jq -r '.[0].SessionID // empty') + if [ -z "$SID" ]; then nosc=$((nosc+1)); continue; fi + $SC send-command --session "$SID" --command "$CMD" --confirm >/dev/null 2>&1 + sent=$((sent+1)) +done +echo "[$NAME] site=$SC_CODE BD_machines=$(echo "$MACHINES"|wc -w) deployed_via_SC=$sent no_SC=$nosc" diff --git a/projects/gps-rmm-audit/tracker.md b/projects/gps-rmm-audit/tracker.md index e39ba4af..3b1399e6 100644 --- a/projects/gps-rmm-audit/tracker.md +++ b/projects/gps-rmm-audit/tracker.md @@ -178,6 +178,34 @@ Bitdefender companies exist for ALL bucket-B (and nearly all bucket-C) clients w ## Daily progress check (automated) - Windows scheduled task **GPS-RMM-Progress** runs daily 8:07am (Howard-Home), script `.claude/scripts/gps-rmm-progress-check.sh`, targets `projects/gps-rmm-audit/targets.json`. Compares live RMM agent counts (unique hostnames) to GPS device targets and DMs Howard the remaining gaps; reports COMPLETE when all met (then retire via `schtasks /Delete /TN GPS-RMM-Progress`). Baseline 2026-07-03: **46/189 devices in RMM, 32 clients short.** Glaz-Tech excluded pending billing review. +### Bucket C — onboarded + deployed 2026-07-03 (via helper `tools/bucketc-onboard-deploy.sh`) +16 clients onboarded (RMM client+site created, enrollment key vaulted at `clients//gururmm-site-main.sops.yaml`), agent pushed via ScreenConnect to SC-reachable machines: + +| Client | Site code | Deployed via SC | No-SC (come-back) | +|--------|-----------|:--:|:--:| +| Reliant Well Drilling | CALM-HAWK-3954 | 4 | 8 (+ FW*/WILCOX* = other entities, skipped) | +| Curtis Plumbing | SILVER-WOLF-6785 | 4 | 2 | +| PUTT Land Surveying | EAST-CASTLE-3313 | 3 | 4 | +| The Prairie Schooner | UPPER-HARBOR-4168 | 3 | 2 | +| T & C Sorensen | IRON-FORGE-1700 | 4 | 0 | +| Zeus Nestora | GREEN-TIGER-6194 | 3 | 0 | +| Brett Interiors | IRON-EAGLE-4784 | 4 | 0 | +| Bill Tedards | CALM-PEAK-4628 | 2 (Datto src) | 3 (BD, no SC) | +| Design and Brand Envoys | SOUTH-STAR-8736 | 3 | 0 | +| Heieck, Sheila | WILD-MOON-9773 | 0 | 3 (BD, no SC) | +| Multicultural Counseling | EAST-OCEAN-2818 | 3 | 0 | +| MVAN Enterprises | LOWER-FORGE-6736 | 1 | 1 | +| The Marc Group | SILVER-OCEAN-6422 | 2 | 0 | +| Mineralogical Record | BLUE-MOON-8542 | 5 (BD+Datto) | 1 | +| Pro-Tech Services | INNER-GATE-4746 | 2 | 0 | +| Inside Track Productions | CALM-GATE-2273 | 1 | 0 | + +~44 machines deployed. Discovery source = Bitdefender company (mostly), Datto EDR where BD empty (Bill Tedards, Mineralogical extras). + +**Bucket C NOT onboarded — no machines found in Bitdefender OR Datto (come-back: locate machines or confirm unmanaged):** Little Hearts Little Hands, Janet Altschuler, Business Services of Tucson, Andy's Mobile Fuel, Gary A Hartman LLC, Marty Ryan, Residential and Renovation Engineering, Ridgetop Group, Robyn Pittman (9 clients, 1-8 GPS each). These have no BD/Datto footprint — machines may be SC-only, or genuinely unmanaged/decommissioned. + +**Reliant caveat:** its Bitdefender company mixes Reliant + Farwest (FW*) + Wilcox (WILCOX*) machines — only clearly-Reliant ones (RWD-*, generics) were targeted; FW*/WILCOX* skipped (separate clients). + ## Rollup - **7** clients match on machine count (still need service + wiki verification).