wiki: compile peaceful-spirit (full) — Syncro refresh, VSS + address, root-log provenance
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -2,8 +2,8 @@
|
||||
type: client
|
||||
name: peaceful-spirit
|
||||
display_name: Peaceful Spirit Therapeutic Massage
|
||||
last_compiled: 2026-07-02
|
||||
compiled_by: GURU-5070/claude-main (update: deletion-report location)
|
||||
last_compiled: 2026-07-03
|
||||
compiled_by: HOWARD-HOME/claude-main (full: Syncro refresh + root-log provenance + VSS/address)
|
||||
sources:
|
||||
- clients/peaceful-spirit/session-logs/2026-05-10-recovered-setup-radius-authentication-for-vpn-access.md
|
||||
- clients/peaceful-spirit/session-logs/2026-05-10-session.md
|
||||
@@ -17,6 +17,9 @@ sources:
|
||||
- clients/peaceful-spirit/session-logs/2026-07/2026-07-01-mike-pst-deletion-scope-shelton-admin-acl.md
|
||||
- clients/peaceful-spirit/AD-DC2-REBUILD-RUNBOOK.md
|
||||
- session-logs/2026-06/2026-06-29-mike-dataforth-nwtoc-pst-deletion-scope-birthbio-corruption.md
|
||||
- session-logs/2026-06/2026-06-29-mike-birthbio-repatriation-and-pst-soap-recovery.md
|
||||
- session-logs/2026-07/2026-07-02-mike-pst-reports-ezfag-tags-unifi-adoption-bardach.md
|
||||
- session-logs/2026-07/2026-07-02-mike-crowdstrike-rollout-365-appsuite.md
|
||||
- clients/peaceful-spirit/server.sops.yaml (vault)
|
||||
- clients/peaceful-spirit/server2.sops.yaml (vault)
|
||||
- clients/peaceful-spirit/vpn.sops.yaml (vault)
|
||||
@@ -35,7 +38,7 @@ Massage therapy practice with two sites: Country Club (CC, primary — all serve
|
||||
|
||||
- **Business name (Syncro):** Peaceful Spirit Massage (NOT "...Therapeutic Massage" — ID-based lookup required)
|
||||
- **Syncro customer ID:** `278525`
|
||||
- **Address:** 6650 N Oracle #100, Tucson
|
||||
- **Addresses (two sites):** CC / Country Club (primary — all server infrastructure): 2930 N Country Club Rd, Tucson AZ (Syncro primary address). NW / Northwest: 6650 N Oracle #100, Tucson AZ.
|
||||
- **Primary contact:** Mara Concordia (owner/operator); generic contact email `info@bestmassageintucson.com`; personal Microsoft account `mara.concordia@gmail.com` (OneDrive). Domain user: `mara`.
|
||||
- **Other key staff:** Bridgette (BridgetteSH); Christine Z (ChristineZ); Calista A (CalistaA); Leslie W (leslieW); Sarah M (SarahM); Katie B (katieb); Sharon S (SharonS); PSTAdmin.
|
||||
- **Contract type:** Break-fix / T&M (verify — recent invoices per-ticket ~$150–300/visit, plus a recurring ~$195.19/month line item; no retainer contract confirmed)
|
||||
@@ -150,6 +153,10 @@ Client SOAP-note and business files reside on **PST-SERVER G:\Shares**. The @Cli
|
||||
- **Status 2026-07-01:** running normally (the 6/29 stop-for-restores self-resumed).
|
||||
- **Caveat:** `cbb list` is unreliable on comma/space folder paths (false zeros, timeouts on large trees). Use restore-to-staging + local diff for any deletion-scope investigation.
|
||||
|
||||
### VSS Shadow Copies (PST-SERVER G:)
|
||||
|
||||
Local point-in-time recovery / self-service "Previous Versions" on the data volume, deployed as the near-line complement to the B2 backup (confirmed 2026-07-02). Volume Shadow Copies enabled on **G:** with a **69.8 GB** storage cap and roughly **4 snapshots/day** (observed schedule ~6a / 12p / 1p / 6p). Provides fast in-place rollback of individual files/folders without a B2 restore, and is the "Option 2" alternative to the (NTFS-impossible) recycle-bin design Mara requested. Note: after the 2026-06-13 trim, older snapshots were pruned — earliest snapshot ranges have been observed as recent as 6/25–6/28, so VSS is a short-window safety net, not long-term retention (that role is B2 / MSP360). The Security event log backing the deletion audit is sized to **128 MB max** on PST-SERVER.
|
||||
|
||||
### NTFS Access Control (G:\Shares\Scanned)
|
||||
|
||||
ACL root is `G:\Shares\Scanned`; permissions inherit to `@Clients` and subdirectories. Hardened 2026-07-01. ACL backup on server: `C:\PST-Recovery\acl-backup-scanned-20260701-072725.txt`.
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# Wiki Index
|
||||
|
||||
Last updated: 2026-07-02
|
||||
Last updated: 2026-07-03
|
||||
Compiled by: HOWARD-HOME/claude-main
|
||||
|
||||
This wiki is LLM-maintained. Do not edit articles manually — run `/wiki-compile` to update.
|
||||
@@ -32,7 +32,7 @@ Run `/wiki-lint` to check for stale entries and broken backlinks.
|
||||
| [Pavon](clients/pavon.md) | Former/archive client; GeoVision NVR surveillance; OwnCloud at 172.16.3.22 backed by Uranus; cron stacking fixed; Nextcloud migration deferred 3–6 months | 2026-05-24 |
|
||||
| [Rieusset Corp (Tom Sorensen)](clients/rieusset-corp.md) | Small business; email hosted on Neptune Exchange (4 mailboxes: tsorensen, tomrc, ojodeagua, csorensen @rieussetcorp.com); Mailprotector domain ID 57833; outbound via SBR Outbound.Sorensen connector; clipto.com allow rule added 2026-06-08 | 2026-06-08 |
|
||||
| [Rednour Law Offices](clients/rednour.md) | Law firm (break-fix/T&M, prepay 0); M365 rednourlaw.com (tenant 4a4ca18a) onboarded, 5 ComputerGuru SPs consented, no MDE license; 3 Win workstations GuruRMM-enrolled (all RED, prior MSP agents pending removal) — **all three now on Win 11** (LEGALASST + Carrie/REDNOURCARRIEVI upgraded 2026-06-29); REDNOURCARRIEVI hosts the firm's peer-to-peer SMB shares (Nick's Mac access done 2026-06-25); **Carrie's Win11 upgrade root cause = corrupt download (`ks.sys` 0x80070570 -> SAFE_OS 0x8007000D); fixed via fresh Media Creation Tool media — done in-shop, build 26200**; GuruRMM **works** on the Windows boxes (earlier "not working" disproved); macOS RMM agent still won't enroll (site code-vs-UUID bug, coord 6f2d22be); `endpointprotection.exe` = Datto AV (Defender RTP off by design); #32368 invoiced #67912 $669.55 (Nick = no charge); plaintext local-account creds from Syncro notes vaulted (clients/rednour/local-accounts) | 2026-06-30 |
|
||||
| [Peaceful Spirit Therapeutic Massage](clients/peaceful-spirit.md) | Massage therapy, two sites (Country Club + Northwest); break-fix, Syncro 278525, 31 assets; **two-DC domain** — PST-SERVER (192.168.0.2, 2016 Essentials, all FSMO) + PST-SERVER2 (192.168.1.5, rebuilt 6/13 from past-tombstone state, NW) with DFS-R (PST-DFS, ~221/265 GB) — **Gate 4 blocked: SERVER2 flapping (NW power/UPS/net)**; L2TP/IPsec RRAS VPN complete (6 GuruRMM agents); **June–July 2026 file-deletion investigation** — 47,749 files gone from `@Clients` since 6/24 but ~93% duplicate cleanup, **~3,342 genuine recoverable** from MSP360/B2 staging (Glennda trigger = misspelled duplicate, canonical folder intact; 6/29/2025 restore point purged by 365-day retention); **Admin1/Admin2 NTFS hardening** on G:\Shares\Scanned (fixed inverted group nesting; Admin1 = RX,W + deny-delete, Admin2 = Full); vault drift open (pst-admin password) | 2026-07-02 |
|
||||
| [Peaceful Spirit Therapeutic Massage](clients/peaceful-spirit.md) | Massage therapy, two sites (Country Club 2930 N Country Club Rd + Northwest 6650 N Oracle); break-fix, Syncro 278525, 31 assets; **two-DC domain** — PST-SERVER (192.168.0.2, 2016 Essentials, all FSMO) + **PST-DC-NW (192.168.1.5, new 2019 Std physical server, replaced dead PST-SERVER2 on 7/2)** with DFS-R (PST-DFS) — **Gate 4 blocked on initial ~265 GB sync** over S2S VPN; L2TP/IPsec RRAS VPN complete (GuruRMM agents); data protection = B2/MSP360 "Files Backup 2025" + VSS shadow copies on G: + daily deletion-audit report (SACL 4660/4663 → HTML in the legal folder); **June–July 2026 file-deletion investigation** — 47,749 files gone from `@Clients` since 6/24 but ~93% duplicate cleanup, **~3,342 genuine recoverable** from MSP360/B2 staging (Glennda trigger = misspelled duplicate, canonical folder intact; 6/29/2025 restore point purged by 365-day retention); **Admin1/Admin2 NTFS hardening** on G:\Shares\Scanned (fixed inverted group nesting; Admin1 = RX,W + deny-delete, Admin2 = Full); vault drift open (pst-admin password) | 2026-07-03 |
|
||||
| [Patriot Internal Medicine](clients/patriot-internal-medicine.md) | Medical practice, two locations (Tucson + Sonoita); GuruRMM client+sites provisioned 2026-06-18 (Tucson: NORTH-WOLF-6270, Sonoita: LIGHT-HARBOR-9617); no agents deployed yet; enrollment keys vaulted; infrastructure discovery pending | 2026-06-18 |
|
||||
| [Sombra Residential LLC](clients/sombra-residential.md) | Property management; Server2013 (actually WS2012 EOL, unpatched) + DESKTOP-UQRN4K3 GuruRMM enrolled; Transwiz migration artifacts cause Office credential prompts | 2026-05-24 |
|
||||
| [Stamback Septic](clients/stamback-septic.md) | Septic services; prepaid block ~3.5 hrs remaining; DESKTOP-BTR2AM3 + StambackLaptopNew GuruRMM enrolled; OneDrive identity wipe pattern documented | 2026-05-24 |
|
||||
|
||||
Reference in New Issue
Block a user