wiki: compile cascades-tucson (full) — EDR/Bitdefender migration, billing refresh
This commit is contained in:
@@ -95,6 +95,7 @@ sources:
|
||||
- clients/cascades-tucson/session-logs/2026-06/2026-06-25-howard-synology-skill-verify-fixes.md
|
||||
- clients/cascades-tucson/session-logs/2026-06/2026-06-25-howard-alma-offboarding-recovery-verify.md
|
||||
- clients/cascades-tucson/docs/security/offboarding-2026-06-25-alma-montt.md
|
||||
- clients/cascades-tucson/session-logs/2026-06/2026-06-25-howard-edr-rollout-bitdefender-removal.md
|
||||
backlinks:
|
||||
- projects/gururmm
|
||||
- wiki/systems/uos-server
|
||||
@@ -162,10 +163,10 @@ Because per-user **Intune** never provisioned tenant-wide (`INTUNE_A = PendingIn
|
||||
- Lupe Sanchez -- staff (DESKTOP-TRCIEJA). EOL workstation (Gateway ZX6971 AIO, i3-2120, 8 GB RAM, Win11 unsupported). **Decision 2026-06-18: replace machine** (dual-AV + EOL hardware causing slow Excel; no remediation on current box). GuruRMM agent `c9bf1a2d-bfdc-401e-9cc8-f9e90bb19587` (resolve live by hostname; UUIDs change on re-enroll).
|
||||
- **Syncro contact emails (authoritative):** ashley.jensen@, jd.martin@, crystal.rodriguez@, John.trozzi@, meredith.kuhn@, accounting@/accountingassistant@cascadestucson.com.
|
||||
- **Billing rate:** $175/hr all labor (prepaid block customer)
|
||||
- **Hours remaining:** **47.75 hrs as of 2026-06-25 (live Syncro).** Prior: 48.25 hrs as of 2026-06-24; 0.5h remote 2026-06-24 Executive restricted share #32193 (48.75->48.25). Prior: 7h remote+onsite 2026-06-19 voice VLAN + RF optimization (ticket #32444, 55.75->48.75). Prior: 0.5h remote 2026-06-12 shared mailboxes (ticket #32417, 56.25->55.75); 0.5h remote 2026-06-10 Meredith locked Word doc (ticket #32403, 56.75->56.25). Always live-check via `GET /customers/20149445` before billing.
|
||||
- **Hours remaining:** **46.75 hrs as of 2026-06-25 (live Syncro).** Prior: 47.75 hrs as of 2026-06-25 (post-Alma-offboarding session); 48.25 hrs as of 2026-06-24; 0.5h remote 2026-06-24 Executive restricted share #32193 (48.75->48.25). Prior: 7h remote+onsite 2026-06-19 voice VLAN + RF optimization (ticket #32444, 55.75->48.75). Prior: 0.5h remote 2026-06-12 shared mailboxes (ticket #32417, 56.25->55.75); 0.5h remote 2026-06-10 Meredith locked Word doc (ticket #32403, 56.75->56.25). Always live-check via `GET /customers/20149445` before billing.
|
||||
- **Syncro customer ID:** 20149445
|
||||
- **Managed devices (Syncro):** 29 (live 2026-06-25)
|
||||
- **Active tickets:** 5 open work tickets as of 2026-06-25 (#32194 spare machine, #32254 Chef-PC reinstall, #32319 WiFi rm343, #32342 Copy Room switch, #32370 eFax+scanner) -- all folded into `docs/REMAINING-WORK-PLAN.md`. **#32230 (Karen->ALDOCS) RESOLVED.** Separately, 4 hardware items are Invoiced (work done): #32440 server SSDs, #32439 MemCare UPS, #32443 Front Desk battery backup, #32330 Chris Knight PC. See Active Work for open non-ticketed projects.
|
||||
- **Active tickets:** **0 open Syncro tickets as of 2026-06-25 (live Syncro -- end of day).** Previously open work tickets (#32194 spare machine, #32254 Chef-PC reinstall, #32319 WiFi rm343, #32342 Copy Room switch, #32370 eFax+scanner) are now closed/resolved per live Syncro pull. **#32230 (Karen->ALDOCS) RESOLVED** (earlier today). 4 hardware items Invoiced (work done): #32440 server SSDs, #32439 MemCare UPS, #32443 Front Desk battery backup, #32330 Chris Knight PC. See Active Work and session logs for ongoing project work.
|
||||
- #110680053 / #32303 -- Entra / domain migration project. Status: **Invoiced** as of 2026-06-05. Plan: `C:\Users\Howard\.claude\plans\wise-discovering-panda.md`
|
||||
- #109412123 -- Entra setup project (verify status)
|
||||
- #32403 -- Meredith locked Word doc (0.5h remote, billed 2026-06-10, Invoiced)
|
||||
@@ -205,7 +206,7 @@ Because per-user **Intune** never provisioned tenant-wide (`INTUNE_A = PendingIn
|
||||
|
||||
**[INFO] Backup -- gap closed (2026-06-15); verified running 2026-06-24.** Mike installed ACG cloud backup (MSP360/CloudBerry -> ACG-backup server) on CS-SERVER, addressing the longstanding SS164.308(a)(7) "no backup" HIPAA gap. **Live check 2026-06-24:** last run (6/24 00:10) = "Plan status: Success", 0 failed; 575.7 GB / 248k-file dataset already in the cloud (only 465 MB changed -> full baseline exists, incrementals working). **Still to confirm: this looks FILE-LEVEL, not image/bare-metal/system-state -- for a DC that is a DR gap; confirm with Mike whether a separate image/system-state backup exists before treating it as full disaster coverage.** Set/confirm retention.
|
||||
|
||||
**[WARNING] CS-SERVER endpoint-agent sprawl:** CS-SERVER is NOT in the ACG Bitdefender/GravityZone tenant (Cascades company id `66b0448e1e0441d02508bad8`; 3 endpoints there, CS-SERVER absent). The previous MSP's **Datto RMM/CentraStage + Datto EDR/Infocyte** are still installed alongside Syncro + GuruRMM + ScreenConnect + KPAX -- overlapping agents thrashing the degraded spindle. Clean up the Datto stack.
|
||||
**[INFO] Endpoint security migration (2026-06-25, in progress):** Cascades is migrating from Syncro-deployed **Bitdefender GravityZone BEST** to **Datto EDR + Datto AV** (Infocyte/azcomp4587.infocyte.com) as the ACG-managed endpoint stack. Datto EDR org `2d5ea96e-3228-461b-9c60-13ae464b61d8`, target group `1dbd2b02-f7df-45d0-a7f2-18667f48447f`, reg key `6qw68y2rwl`. **Current state (end of session 2026-06-25):** 34 agents enrolled (was 27 at session start; 7 installed this session). **Bitdefender REMOVED from RECEPTIONIST-PC** (both physical boxes, serials MJ0KQH4R + MJ0KQHNP) via GravityZone console ("Uninstall client" task -- API `createUninstallTask` is dead in this version; no uninstall password was set on policy "GPS Default"). 6 orphaned `C:\Program Files\Bitdefender` folders deleted (BD was already uninstalled on those machines; safety-checked before deletion). **RECEPTIONIST-PC is two distinct physical machines sharing a hostname** -- dedup-by-hostname masks the second box in single-system inventory views. **Pending:** EDR install on 2 offline machines (DESKTOP-F94M8UT, NurseAssist); BD-check on 5 offline machines (DESKTOP-KQSL232, DESKTOP-MD6UQI3, DESKTOP-TRCIEJA, SALES4-PC, Laptop4); queued to auto-run on reconnect (background watcher `bfm81iqdz`). **Confirm Cascades is removed from Syncro's Bitdefender deployment** so BD does not redeploy onto cleaned machines (Syncro AV management is GUI-only). Also: GravityZone Cascades company `66b0448e1e0441d02508bad8` still has RECEPTIONIST-PC endpoint records in the portal (`66b04593e14f46ee79b1c87f`, `66b045ee2f4dee3f01f54630`) -- review/remove. **Separate cleanup still pending:** prior-MSP CentraStage RMM leftover on CS-SERVER; the Datto EDR agents on CS-SERVER have not yet been confirmed clean-enrolled vs leftover.
|
||||
|
||||
**[WARN] Power outage (2026-06-17):** Building power outage took the entire Cascades network down. Root cause: pfSense was plugged into the **surge-only side of the UPS** (no battery) -- it hard-powered-off uncleanly. ZFS survived. Dirty boot caused a **duplicate dhcpd** and a **2nd-floor switch (USL24PB, 192.168.2.193) with one-way L2 forwarding** blocking DHCP OFFERs. Howard killed the duplicate dhcpd remotely; Mike re-seated pfSense onto battery outlets, restored config from on-box auto-backup (12:20 version, VLAN30 intact), reset+re-adopted Switch 2nd Floor #2. Network fully restored. Post-recovery casualties: devices that booted during DHCP-down window cached disconnected state (kitchen thermal printer fixed by power-cycle). Incident report: `clients/cascades-tucson/reports/2026-06-17-power-outage-incident.md`.
|
||||
|
||||
@@ -445,7 +446,7 @@ Full design: `docs/network/phase1-voice-qos-design.md`. Status DESIGN -- nothing
|
||||
- **[WARN] ~25 switch ports at 100 Mbps but gig-capable.** Investigate after WiFi optimization is stable.
|
||||
- **[WARN] 3 offline switches** (Switch 4th Floor #2, USW Pro Max 16 -- root cause unknown; Switch 2nd Floor #2 was reset+re-adopted 2026-06-17). Investigate onsite.
|
||||
- **[SECURITY] Synology Cloud Signin Portal credential exposed in vault git history (commit 1fbc0e1).** Encrypted go-forward but credential must be rotated.
|
||||
- **[FLEET] Leftover Datto stack (CentraStage + Infocyte/DattoAV) -- not yet cleaned up on CS-SERVER.** DESKTOP-TRCIEJA will be replaced (no cleanup needed on that box). CS-SERVER cleanup still open.
|
||||
- **[FLEET] Endpoint security migration in progress (2026-06-25).** Datto EDR/AV (Infocyte/azcomp4587) is the new ACG-managed endpoint stack -- 34 agents enrolled; target is all GuruRMM-managed devices. Bitdefender removed from RECEPTIONIST-PC (both boxes); orphaned BD folders cleaned on 6 machines. Pending: 2 offline machines need EDR install (DESKTOP-F94M8UT, NurseAssist); 5 offline machines need BD-check; Cascades must be removed from Syncro's BD deployment to prevent redeploy. CS-SERVER still has the prior-MSP CentraStage RMM leftover -- cleanup pending separately.
|
||||
|
||||
### Security Incidents (historical)
|
||||
|
||||
@@ -473,9 +474,7 @@ Full design: `docs/network/phase1-voice-qos-design.md`. Status DESIGN -- nothing
|
||||
> **Canonical remaining-work plan: `docs/REMAINING-WORK-PLAN.md`** (built 2026-06-24 from a live
|
||||
> AD+RMM domain-join diff). 7 sequenced workstreams + every open ticket mapped to one. Work from it.
|
||||
|
||||
Syncro live pull 2026-06-25: **5 open work tickets** -- #32194 (spare machine for new hire),
|
||||
#32254 (Chef-PC reinstall), #32319 (WiFi Room 343), #32342 (Copy Room switch), #32370 (eFax + scanner).
|
||||
**#32230 (Karen Rossini -> ALDOCS) now RESOLVED.** #32193 (Executive restricted share) closed/billed 2026-06-24.
|
||||
Syncro live pull 2026-06-25 (end of day): **0 open Syncro tickets.** Previously open work tickets (#32194 spare machine, #32254 Chef-PC reinstall, #32319 WiFi Room 343, #32342 Copy Room switch, #32370 eFax+scanner) are now closed/resolved per Syncro. **#32230 (Karen Rossini -> ALDOCS) RESOLVED** earlier today. #32193 (Executive restricted share) closed/billed 2026-06-24. See session logs for active project work (domain migration, EDR rollout, CARF tech plan).
|
||||
Invoiced hardware (work done): #32440 server SSDs, #32439 MemCare UPS, #32443 Front Desk battery backup, #32330 Chris Knight PC.
|
||||
|
||||
**Device-readiness for domain migration (2026-06-24 live audit, 15 un-joined online machines):**
|
||||
@@ -493,7 +492,8 @@ Invoiced hardware (work done): #32440 server SSDs, #32439 MemCare UPS, #32443 Fr
|
||||
- **[TODAY 2026-06-23 ~09:00] Planned-outage bring-up + monitoring.** Power returns ~09:00 MST; John Trozzi powers on CS-SERVER + Synology. Howard monitors bottom-up: pfSense (verify SINGLE dhcpd `pgrep -f "dhcpd -user" | wc -l`==1, WAN up -- **reboot Cox modem if WAN doesn't establish**, the missed 6/17 step) -> switches/APs re-adopt (watch UOS controller for 12/12 switches + 77/77 APs) -> CS-SERVER (AD/DNS, DHCP, Hyper-V CS-QB, shares) -> Synology -> straggler sweep (known: kitchen thermal printer). **Watch-list (6/17 casualties):** Switch 2nd Floor #2 (USL24PB 192.168.2.193, one-way L2 break -- reset+re-adopt if floors 2/3/4 don't return); duplicate dhcpd. Clean shutdown verified at 05:31 (CS-SERVER offline via RMM cloud). Runbook: `docs/runbooks/2026-06-23-planned-power-outage.md`.
|
||||
- **[OPEN -- from runbook pre-flight] Confirm pfSense + core/PoE switches are on the BATTERY side of the UPS.** pfSense was on surge-only on 6/17 until Mike moved it; the other gear's battery-vs-surge placement was still "TODO -- John/onsite" at the 2026-06-22 pre-flight. Verify onsite.
|
||||
|
||||
- **[URGENT] Order replacement workstation for Lupe Sanchez (DESKTOP-TRCIEJA).** Decision made 2026-06-18. EOL Gateway ZX6971 / i3-2120 / 8 GB / Win11-unsupported. On new machine: provision GuruRMM + Bitdefender only; do NOT carry over the Datto stack.
|
||||
- **[URGENT] Order replacement workstation for Lupe Sanchez (DESKTOP-TRCIEJA).** Decision made 2026-06-18. EOL Gateway ZX6971 / i3-2120 / 8 GB / Win11-unsupported. On new machine: provision GuruRMM + Datto EDR/AV only; do NOT install Bitdefender (Datto EDR/AV is the new endpoint stack as of 2026-06-25). Do not carry over any prior-MSP Datto RMM/CentraStage artifacts.
|
||||
- **[IN PROGRESS 2026-06-25] Datto EDR/AV rollout + Bitdefender decommission.** 34 agents now enrolled (org `2d5ea96e`). Remaining gaps: install EDR on DESKTOP-F94M8UT + NurseAssist (offline; queued auto-run on reconnect via watcher `bfm81iqdz`); BD-check on DESKTOP-KQSL232, DESKTOP-MD6UQI3, DESKTOP-TRCIEJA, SALES4-PC, Laptop4 (offline). **Action required:** (1) Remove Cascades from Syncro's Bitdefender deployment (GUI-only) to prevent BD redeploying onto cleaned machines. (2) Verify/remove RECEPTIONIST-PC endpoint records in GravityZone console (company `66b0448e`). (3) Reconcile laptop3 (EDR active v5552, no matching GuruRMM agent). (4) Confirm/remove stale EDR agents: laptop1 (last seen 2026-05-08) and cascades-laptop (2026-06-23). (5) CS-SERVER: confirm the CentraStage RMM leftover is removed (separate from EDR). Session log: `2026-06-25-howard-edr-rollout-bitdefender-removal.md`.
|
||||
- **[URGENT] Rotate exposed Synology Cloud Signin Portal credential.** Vault commit 1fbc0e1 committed it plaintext; encrypted go-forward but credential is exposed in git history. Also verify MDM service account + WiFi CSCNet from that same commit were never plaintext.
|
||||
- **[DONE 2026-06-19] Voice VLAN (VLAN 30) migration COMPLETE -- 37 devices on VOICE** (28 Poly, 8 AudioCodes `.224-.231`, Vertical desktop `.201`). All Poly re-keyed by Howard. RF optimized (2.4 power->medium, 5 GHz clean DFS, retry halved). Billed: ticket #32444 (7h prepaid -- 4 onsite + 3 remote).
|
||||
- **[PENDING - hardware] Bistro phone replacement.** Kitchen server phone was bad (John pulled it 2026-06-19); the Bistro phone was relocated to the Kitchen to cover it, so the **Bistro has no phone**. Set up + re-key the replacement to the voice PPSK when it arrives.
|
||||
@@ -597,11 +597,26 @@ Invoiced hardware (work done): #32440 server SSDs, #32439 MemCare UPS, #32443 Fr
|
||||
| 2026-06-24 | **CARF Technology and System Plan deliverable started (Ashley Jensen request).** Built a first-pass technology-plan packet mapped to the 8 areas, then -- after the user clarified it is for **CARF accreditation** (Aging Services) -- verified the actual CARF standard via web research, produced a conformance gap analysis, an on-brand client PDF (via the `impeccable` skill, ACG design tokens), and a pre-filled CARF intake worksheet with a costed open-items table. Established a standing rule: all outbound client/vendor deliverables run through `impeccable` (memory `feedback_impeccable_on_outbound`). Project memory `project_cascades_carf_tech_plan`. Status: gathering inputs before building the final plan. |
|
||||
| 2026-06-24 | **CSC ENT device-island consolidation plan (voice + Helpany).** Merged the Poly 5 GHz fix with the Helpany "Paul" sensor rollout: repurpose the existing CSC ENT SSID as a permanent 5 GHz-only WPA2 PPSK "device island" carrying both the Poly voice handsets (PPSK -> VLAN 30) and the Helpany radar sensors (PPSK -> new VLAN 40), separated at the VLAN layer; both vendors transition their devices remotely. Onsite gate: verify per-room 5 GHz coverage before the band flip. CSC ENT is NOT deleted -- it becomes the WPA2 island that later unblocks moving CSCNet to WPA3/WiFi7/6 GHz. Plan: `docs/network/csc-ent-device-island-plan.md`. |
|
||||
| 2026-06-25 | **Alma Montt OFFBOARDED (terminated; MC Life Enrichment; no PHI/ALIS).** M365: sessions revoked, sign-in blocked, password reset+vaulted, mailbox -> SharedMailbox (Shelby Trozzi FullAccess+AutoMap), SPB license removed (seat freed), hidden from GAL, removed from groups. On-prem AD: disabled, groups stripped, moved to `OU=Excluded-From-Sync`. No litigation hold (no PHI). **Verified live end-to-end** (Graph + EXO + AD via RMM) and reconciled out of all active plans/rosters. Left a tenant-security item for Mike: the Tenant Admin SP still holds a standing Privileged Authentication Administrator role (Graph blocked the JIT teardown) -- needs GA removal. Record: `docs/security/offboarding-2026-06-25-alma-montt.md`. |
|
||||
| 2026-06-25 | **Endpoint security migration: Datto EDR/AV rollout + Bitdefender decommission.** Reconciled 33 GuruRMM devices vs 27 Datto EDR agents (org `2d5ea96e`); found 8 coverage gaps. Deployed EDR to 6 online clean machines (reg key `6qw68y2rwl`, target group `1dbd2b02`); fleet count 27->33. Discovered RECEPTIONIST-PC is two distinct physical machines sharing a hostname (serials MJ0KQH4R, MJ0KQHNP); only one had EDR -- installed on the second box (33->34 agents). Removed Bitdefender BEST 8.26.6.644 from both RECEPTIONIST-PC boxes via GravityZone console "Uninstall client" task (API uninstall dead; no uninstall password on policy). Cleaned 6 orphaned `C:\Program Files\Bitdefender` folders (safety-checked). Queued EDR installs + BD-checks on 5-7 offline machines; background watcher `bfm81iqdz` left polling. **Datto EDR/AV is now the ACG-managed endpoint stack; Bitdefender (GravityZone BEST) being fully decommissioned.** |
|
||||
|
||||
---
|
||||
|
||||
## Compilation Notes
|
||||
|
||||
**2026-06-25 recompile #2 (HOWARD-HOME/claude-main) changes vs. prior (2026-06-25 #1, compiled during Alma offboarding session):**
|
||||
- Main new source: `2026-06-25-howard-edr-rollout-bitdefender-removal.md`. Largest security-posture change since ACG onboarding: endpoint protection is migrating from Syncro-deployed Bitdefender GravityZone BEST to Datto EDR/AV (Infocyte/azcomp4587).
|
||||
- Infrastructure > endpoint warning block replaced: stale "agent sprawl / clean up the Datto stack" replaced with the active migration status (34 agents enrolled, BD removed from RECEPTIONIST-PC, pending offline machines, confirm Syncro BD deployment removed).
|
||||
- Known Issues > [FLEET] Datto stack item updated: now describes EDR migration in progress rather than "leftover from prior MSP".
|
||||
- Active Work: added [IN PROGRESS 2026-06-25] EDR rollout follow-up item (offline machines, GravityZone portal cleanup, stale agents, CentraStage leftover). Lupe Sanchez replacement note updated: provision Datto EDR/AV, not Bitdefender.
|
||||
- Billing: hours updated **47.75 -> 46.75** (Syncro live). Active tickets: **5 -> 0** (Syncro live end-of-day).
|
||||
- History Highlights: added 2026-06-25 EDR rollout entry. Patterns & Known Issues preserved verbatim (except [FLEET] item updated for migration). All other History entries preserved verbatim.
|
||||
- Sources: added EDR session log.
|
||||
|
||||
**2026-06-25 recompile #1 (HOWARD-HOME/claude-main) changes vs. prior (2026-06-24):**
|
||||
- Billing re-verified live (Syncro): **47.75 hrs / 29 devices / 5 open tickets** (was 48.25 / 29 / 6). #32230 (Karen->ALDOCS) RESOLVED.
|
||||
- Profile: hours + active-tickets updated. Access: Alma Montt offboarding entry + Tenant Admin SP standing PAA item. Email & Identity: SPB seat count (Alma's freed). History Highlights: 2026-06-25 Alma offboarding + CARF tech plan + CSC ENT device-island entries. Active Work: Tenant Admin PAA open item; CARF deliverable status.
|
||||
- Sources: added 2026-06-25 synology-skill-verify, alma-offboarding-recovery-verify, and offboarding record.
|
||||
|
||||
**2026-06-24 recompile (HOWARD-HOME/claude-main) changes vs. prior (2026-06-23):**
|
||||
- Surgical/additive update -- prior compile was 1 day old; preserved all sections verbatim, folded in the 2026-06-24 work.
|
||||
- Billing re-verified live (Syncro): **48.25 hrs / 29 devices / 6 open tickets** (was 48.75 / 0 open). Block draw: 0.5h #32193.
|
||||
|
||||
@@ -18,7 +18,7 @@ Run `/wiki-lint` to check for stale entries and broken backlinks.
|
||||
|
||||
| Article | Summary | Last Compiled |
|
||||
|---|---|---|
|
||||
| [Cascades of Tucson](clients/cascades-tucson.md) | Prepaid block $175/hr, **47.75 hrs remaining** (live 2026-06-25); senior living; active domain migration + HIPAA caregiver-lockdown project (GPOs deployed; Entra Hybrid Join + CA allow-list + ALIS SSO model proven); single DC (CS-SERVER) on aging R610 -- RAID **live-verified HEALTHY 2026-06-24** (the 6/15 "degraded" self-recovered; both mirrors Ok, 1:0:4 = global hot spare; consumer 320GB drives + lost-PSU-redundancy are planned follow-ups, NOT an emergency); cloud backup verified running; **Planned power outage 2026-06-23** clean self-shutdown executed + verified (bring-up ~09:00, John onsite); **Voice VLAN 30 migration COMPLETE 2026-06-19** (~38 devices: 29 Poly + 8 AudioCodes + desktop; awaiting Vertical to set Poly 5GHz-only); **UniFi RF optimized 2026-06-19** (77 U7-Pro APs/~587 clients: 2.4GHz power->Medium on 47 radios + 5GHz clean-DFS 40MHz channel plan -> 5GHz retry halved; 6GHz blocked by WPA3 on PPSK SSID); Syncro 5 open work tickets, device-readiness audit done (5 PCs on Win Home need Home->Pro before join); **Alma Montt offboarded 2026-06-25** (Tenant Admin SP left holding a standing PAA role -- removal pending Mike); **CARF Technology & System Plan** deliverable in progress for Ashley Jensen; remaining-work plan: docs/REMAINING-WORK-PLAN.md | 2026-06-25 |
|
||||
| [Cascades of Tucson](clients/cascades-tucson.md) | Prepaid block $175/hr, **46.75 hrs remaining** (live 2026-06-25); senior living; active domain migration + HIPAA caregiver-lockdown project (GPOs deployed; Entra Hybrid Join + CA allow-list + ALIS SSO model proven); single DC (CS-SERVER) on aging R610 -- RAID **live-verified HEALTHY 2026-06-24** (the 6/15 "degraded" self-recovered; both mirrors Ok, 1:0:4 = global hot spare; consumer 320GB drives + lost-PSU-redundancy are planned follow-ups, NOT an emergency); cloud backup verified running; **Planned power outage 2026-06-23** clean self-shutdown executed + verified (bring-up ~09:00, John onsite); **Voice VLAN 30 migration COMPLETE 2026-06-19** (~38 devices: 29 Poly + 8 AudioCodes + desktop; awaiting Vertical to set Poly 5GHz-only); **UniFi RF optimized 2026-06-19** (77 U7-Pro APs/~587 clients: 2.4GHz power->Medium on 47 radios + 5GHz clean-DFS 40MHz channel plan -> 5GHz retry halved; 6GHz blocked by WPA3 on PPSK SSID); Syncro 0 open tickets (live EOD 2026-06-25), device-readiness audit done (5 PCs on Win Home need Home->Pro before join); **Alma Montt offboarded 2026-06-25** (Tenant Admin SP left holding a standing PAA role -- removal pending Mike); **CARF Technology & System Plan** deliverable in progress for Ashley Jensen; **endpoint security migration started 2026-06-25** (Datto EDR/AV replacing Bitdefender; 34 agents enrolled); remaining-work plan: docs/REMAINING-WORK-PLAN.md | 2026-06-25 |
|
||||
| [Dataforth Corporation](clients/dataforth.md) | Prepaid block ~$2,099/mo, **31.5 hrs remaining** (live 2026-06-23); signal-conditioning manufacturer; 64 DOS test stations; 2025 ransomware recovery + incomplete file restore (migration-gap audit); 2026-03 phishing + MFA rollout; test-datasheet pipeline (DSCA cert publish via Hoffman API + testdatadb UI on AD2); mail stack INKY->Mailprotector CloudFilter->EXO; FreePBX 17 outage fixed 2026-06-08/09 (qualify_frequency=0; no RTP-forward); shares-ACL project (all open to staff; Phase 2 target-state strawman drafted 2026-06-22); Syncro asset reconciliation 2026-06-02; GuruRMM fleet ~45; Bitdefender phase-off | 2026-06-23 |
|
||||
| [Instrumental Music Center](clients/instrumental-music-center.md) | Prepaid block $175/hr, 12.5 hrs remaining; music retail/repair; AIMsi POS on SQL Server 2019; phantom DC causing slow logons; GuruRMM enrolled (IMC1) | 2026-05-24 |
|
||||
| [Jimmy Company](clients/jimmy.md) | Break-fix, $150/hr; single aging workstation BLASTER2 (Win10 22H2 EOL, i5-3470/3.8GB — replace); backups the recurring theme (QuickBooks data); onboarded to GuruRMM 2026-06-19 (RDP NLA + Kaseya removal + cleanup); MSP360 local backup drive full, 90-day retention set, space reclaim pending in console (cloud B2 healthy) | 2026-06-19 |
|
||||
|
||||
Reference in New Issue
Block a user