sync: auto-sync from HOWARD-HOME at 2026-06-01 14:48:58
Author: Howard Enos Machine: HOWARD-HOME Timestamp: 2026-06-01 14:48:58
This commit is contained in:
@@ -0,0 +1,38 @@
|
|||||||
|
# Dataforth — Chauncey Bell M365 verify/reset + Bobbi Outlook printing
|
||||||
|
|
||||||
|
**Date:** 2026-06-01
|
||||||
|
**Mode:** infra / M365
|
||||||
|
**Ticket:** #32364 (onsite, 0.5 hr)
|
||||||
|
|
||||||
|
## User
|
||||||
|
- **User:** Howard Enos (howard)
|
||||||
|
- **Machine:** Howard-Home
|
||||||
|
- **Role:** tech
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Chauncey Bell (cbell@dataforth.com)
|
||||||
|
|
||||||
|
Verified via Graph (Claude-Code-M365 app, tenant 7dfa3ce8-...):
|
||||||
|
|
||||||
|
- **Account:** active, enabled, `Member`, UPN/mail `cbell@dataforth.com`, created 2023-12-07, US.
|
||||||
|
- **Mailbox:** active Exchange Online (`EXCHANGE_S_STANDARD` provisioned).
|
||||||
|
- **License:** **Microsoft 365 Business Standard** (SKU `O365_BUSINESS_PREMIUM` / `f245ecc8-75af-4f8e-b61f-27d8114de5f3`) — full desktop Office apps (`OFFICE_BUSINESS`) + Teams + SharePoint + Exchange. Licensed, not just online.
|
||||||
|
- Naming note: `O365_BUSINESS_PREMIUM` is Microsoft's legacy SKU name for **Business Standard** — one of the 50 "Business Premium"-listed seats in the wiki, which are really Business Standard (the true Business Premium / SPB pool is the separate 5x `cbdb14ac` SKU).
|
||||||
|
|
||||||
|
**Password reset (he had never logged in / didn't know it):**
|
||||||
|
- cbell is **AD-synced** (`onPremisesSyncEnabled = true`), so the password is on-prem-mastered. Reset done in **on-prem AD via AD2** (`Set-ADAccountPassword`), NOT in M365 (a cloud/Graph reset would fail or be overwritten by sync).
|
||||||
|
- Set to a temporary password, **`ChangePasswordAtLogon = $false`** (so Howard's Office login wasn't interrupted); Chauncey to change it himself later.
|
||||||
|
- Password Hash Sync pushed it to M365 in ~2 min; Howard confirmed the Office sign-in worked.
|
||||||
|
- **AD location:** `CN=Chauncey Bell,OU=Azure_Users,DC=intranet,DC=dataforth,DC=com` — note this is **OU=Azure_Users**, and it IS syncing to Entra, which contradicts the wiki's "OU=SyncedUsers only" note (corrected in wiki).
|
||||||
|
|
||||||
|
## Bobbi — Outlook printing
|
||||||
|
|
||||||
|
- Reported printing failures from Outlook. **Switched her to Outlook (Classic)** — printing works without issues. (Known new-Outlook printing bug; Classic is the workaround.)
|
||||||
|
|
||||||
|
## Billing
|
||||||
|
- **Ticket #32364** (Dataforth Corp), 0.5 hr **onsite** (`26118`) covering both cbell + Bobbi. Invoice **#67757** = $0.00, applied 0.5 prepay hr. Customer-visible "Work Performed" note added. https://computerguru.syncromsp.com/tickets/111895931
|
||||||
|
- Prepay check: block read 35.5 after, but our 0.5 applied exactly — the larger drop was **Mike's concurrent invoice #67755** on his ticket **#32320** (afterhours ESXi, 3.0 hr remote). `40.0 → #32361 (1.0) → 39.0 → #32320 (3.0) + #32364 (0.5) → 35.5`.
|
||||||
|
|
||||||
|
## Earlier today (separate log)
|
||||||
|
- AOI XP VLAN + SMB1 backup share — see `2026-06-01-aoi-xp-vlan-share.md` (ticket #32361).
|
||||||
@@ -39,6 +39,7 @@ sources:
|
|||||||
- .claude/memory/infra_office_network.md
|
- .claude/memory/infra_office_network.md
|
||||||
- clients/dataforth/session-logs/2026-06-01-aoi-xp-vlan-share.md
|
- clients/dataforth/session-logs/2026-06-01-aoi-xp-vlan-share.md
|
||||||
- clients/dataforth/docs/aoi-xp-vlan-backup-runbook.md
|
- clients/dataforth/docs/aoi-xp-vlan-backup-runbook.md
|
||||||
|
- clients/dataforth/session-logs/2026-06-01-cbell-m365-bobbi-outlook.md
|
||||||
backlinks:
|
backlinks:
|
||||||
- projects/dataforth-dos
|
- projects/dataforth-dos
|
||||||
- systems/jupiter
|
- systems/jupiter
|
||||||
@@ -116,7 +117,7 @@ Signal conditioning / data acquisition manufacturer in Tucson, AZ. Long-standing
|
|||||||
### Email & Identity
|
### Email & Identity
|
||||||
|
|
||||||
- **M365 tenant:** dataforth.com | Tenant ID: `7dfa3ce8-c496-4b51-ab8d-bd3dcd78b584`
|
- **M365 tenant:** dataforth.com | Tenant ID: `7dfa3ce8-c496-4b51-ab8d-bd3dcd78b584`
|
||||||
- **Entra ID Sync:** Yes — Azure AD Connect from OU=SyncedUsers only
|
- **Entra ID Sync:** Yes — Azure AD Connect. Synced OUs include **OU=SyncedUsers** and **OU=Azure_Users** (cbell confirmed in OU=Azure_Users and syncing, 2026-06-01) — the earlier "SyncedUsers only" note was incomplete.
|
||||||
- **M365 licenses:** 50x Business Premium (39 used), 19x Exchange Online Plan 1 (5 used), 5x SPB (4 used)
|
- **M365 licenses:** 50x Business Premium (39 used), 19x Exchange Online Plan 1 (5 used), 5x SPB (4 used)
|
||||||
- **SMTP settings:** smtp.office365.com, port 587, STARTTLS — use `sysadmin@dataforth.com`
|
- **SMTP settings:** smtp.office365.com, port 587, STARTTLS — use `sysadmin@dataforth.com`
|
||||||
- **SMTP AUTH status:** Tenant-level not disabled; per-mailbox varies. `calibration@dataforth.com` had SmtpClientAuthentication=true re-enabled 2026-04-23. `sysadmin@dataforth.com` SMTP AUTH is blocked by Exchange Online default — testdatadb uses Graph API for email (Mail.Send permission granted to Claude-Code-M365 app 2026-05-12).
|
- **SMTP AUTH status:** Tenant-level not disabled; per-mailbox varies. `calibration@dataforth.com` had SmtpClientAuthentication=true re-enabled 2026-04-23. `sysadmin@dataforth.com` SMTP AUTH is blocked by Exchange Online default — testdatadb uses Graph API for email (Mail.Send permission granted to Claude-Code-M365 app 2026-05-12).
|
||||||
@@ -204,7 +205,7 @@ Signal conditioning / data acquisition manufacturer in Tucson, AZ. Long-standing
|
|||||||
- **ClaudeTools-ReadOnly AD account** — purpose unclear. Investigate.
|
- **ClaudeTools-ReadOnly AD account** — purpose unclear. Investigate.
|
||||||
- **Ken Hoffman has two accounts** (khoffman + oemdata) — not consolidated.
|
- **Ken Hoffman has two accounts** (khoffman + oemdata) — not consolidated.
|
||||||
- **jlohr account retained** — post-retirement (2026-03-31), kept enabled specifically to receive ntirety.com infrastructure notifications. Inbox rule forwards to mike@azcomputerguru.com. Do NOT disable.
|
- **jlohr account retained** — post-retirement (2026-03-31), kept enabled specifically to receive ntirety.com infrastructure notifications. Inbox rule forwards to mike@azcomputerguru.com. Do NOT disable.
|
||||||
- **Entra sync scope:** Only OU=SyncedUsers syncs to Entra. CompanyUsers OU does NOT sync. 38 stale TS-* test station accounts were cleaned from Entra 2026-03-27.
|
- **Entra sync scope:** OU=SyncedUsers **and OU=Azure_Users** sync to Entra (cbell confirmed in OU=Azure_Users, synced — 2026-06-01; the prior "SyncedUsers only" note was incomplete). CompanyUsers OU does NOT sync. 38 stale TS-* test station accounts were cleaned from Entra 2026-03-27.
|
||||||
|
|
||||||
### RDS / SAGE-SQL
|
### RDS / SAGE-SQL
|
||||||
- **RDS licensing:** Grace period reset 2026-05-06 by deleting GracePeriod registry key. Grace period expires again without proper CALs. Purchase RDS CALs (Per User mode, LicensingType=4).
|
- **RDS licensing:** Grace period reset 2026-05-06 by deleting GracePeriod registry key. Grace period expires again without proper CALs. Purchase RDS CALs (Per User mode, LicensingType=4).
|
||||||
@@ -277,6 +278,7 @@ As of 2026-06-01:
|
|||||||
| 2026-05-06 | SAGE-SQL RDS issues resolved — grace period reset, SSL cert replaced, TSGateway disabled, RemoteApp permission prompts fixed. |
|
| 2026-05-06 | SAGE-SQL RDS issues resolved — grace period reset, SSL cert replaced, TSGateway disabled, RemoteApp permission prompts fixed. |
|
||||||
| 2026-05-12 | Pipeline audit + email notifications implemented (Graph API). jlohr forwarding configured (ntirety.com → mike@). DKIM keys rotated. |
|
| 2026-05-12 | Pipeline audit + email notifications implemented (Graph API). jlohr forwarding configured (ntirety.com → mike@). DKIM keys rotated. |
|
||||||
| 2026-06-01 | AOI optical-inspection XP PC isolated onto VLAN 2 (mydata/SMT) @ 192.168.1.175; `aoibackup` SMB1 share created on D2TESTNAS locked to the XP only; other NAS shares set to deny the XP. D2TESTNAS confirmed Debian 13 / Samba 4.22.6 (repurposed Netgear ReadyNAS); vault + wiki OS corrected. Mike: AOI may see all of SMT; optional company-LAN/Internet block for the XP still pending. |
|
| 2026-06-01 | AOI optical-inspection XP PC isolated onto VLAN 2 (mydata/SMT) @ 192.168.1.175; `aoibackup` SMB1 share created on D2TESTNAS locked to the XP only; other NAS shares set to deny the XP. D2TESTNAS confirmed Debian 13 / Samba 4.22.6 (repurposed Netgear ReadyNAS); vault + wiki OS corrected. Mike: AOI may see all of SMT; optional company-LAN/Internet block for the XP still pending. |
|
||||||
|
| 2026-06-01 | Chauncey Bell (cbell) M365 verified — active mailbox, licensed Microsoft 365 Business Standard (full Office + Exchange); AD password reset on AD2 (synced user, OU=Azure_Users), signed into Office. Bobbi's Outlook printing fixed by switching to Outlook (Classic). Ticket #32364 (0.5 hr onsite). |
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user