diff --git a/.netprobe_id b/.netprobe_id new file mode 100644 index 00000000..fef7f688 --- /dev/null +++ b/.netprobe_id @@ -0,0 +1 @@ +0e5dc73c-9b5a-4ffe-9fb3-194264b8049d diff --git a/clients/instrumental-music-center/PROJECT_STATE.md b/clients/instrumental-music-center/PROJECT_STATE.md index a22fef0c..47835b3e 100644 --- a/clients/instrumental-music-center/PROJECT_STATE.md +++ b/clients/instrumental-music-center/PROJECT_STATE.md @@ -2,7 +2,7 @@ > READ THIS before starting work on this client. > UPDATE THIS when you begin work (claim a lock) and when you finish (release lock + log changes). -> Last updated: 2026-05-06 +> Last updated: 2026-06-28 --- @@ -26,7 +26,8 @@ Music retail + repair shop running AIMsi POS on-prem. Primary server IMC1 (Dell **Personnel:** Manda is the new General Manager (replacing Michael Santander, already deactivated). Manda's new laptop `DESKTOP-KRHQ5TS` provisioned 2026-04-28 (AIMsi `USER#=4` per Leslie). **Known issues:** -- `IMC1` component store corruption (0x80073701) blocking RDS role removal — Server 2019 migration decision pending. +- **[UPDATE HOLD — 2026-06-28] Windows Update quality updates are intentionally blocked on IMC1.** The component-store corruption (malformed ETW manifest, provider GUID `{9c2a37f3-e5fd-5cae-bcd1-43dafeee1ff0}`) makes EVERY monthly Server 2016 CU stage S_OK then fail apply-on-boot (`HRESULT 15010` -> `CBS_E_INSTALLERS_FAILED` -> full rollback), leaving the box ~2 hrs in failed-apply + restore. Per Mike: CU **KB5094122** (2026-06 CU, the current offender; KB5075999 from Feb is superseded) was **hidden** via the WU COM API, AND `HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoUpdate=1` set so no quality update auto-installs. **REVERSE this hold (delete NoAutoUpdate / unhide) once the component store is repaired or IMC1 is migrated to Server 2019.** Manual `Check for updates` / install still works for deliberate patching. +- `IMC1` component store corruption (0x80073701) blocking RDS role removal — Server 2019 migration decision pending. **Root cause of the update hold above.** - **`ServerIMC` (192.168.0.63) — phantom/broken DC.** Registered as a DC in DNS (A + SRV records), responds to ICMP, but **TCP/389 LDAP and TCP/88 Kerberos refuse connections.** The DC locator round-robins between IMC1 and ServerIMC; clients picking ServerIMC time out. **This degrades authentication for every domain user at IMC** — intermittent slow logons, GPO failures, and was the root cause of the 2026-04-22 remote domain-join failure for `DESKTOP-KRHQ5TS`. Needs investigation: real-but-broken DC (repair AD services) or ghost from a demoted DC (`ntdsutil` metadata cleanup). Was flagged as "unclear" on 2026-04-13; promoted to confirmed issue 2026-04-28. --- @@ -82,6 +83,7 @@ Music retail + repair shop running AIMsi POS on-prem. Primary server IMC1 (Dell | Date | By | Change | Status | |------|-----|--------|--------| +| 2026-06-28 | Howard | **Blocked failing Windows CU on IMC1** (per Mike): hid CU **KB5094122** (2026-06 Server 2016 CU) via WU COM API + set `NoAutoUpdate=1` policy, restarted `wuauserv`. Both verified. Stops the recurring ~2-hr stage->reboot->apply-fail->rollback caused by the component-store corruption. **NOTE: IMC1 GuruRMM agent UUID re-enrolled to `88cbf7c0-abfa-4f12-846c-96274f718bff`** (old `fa99e913-...` is stale). Component-store repair planned next. | DEPLOYED | | 2026-05-06 | Howard | AIM connection-broken recurrence (Station 1, ~12:14 PM). Re-enumerated all 3 SQL instances on IMC1; corrected wrong-instance diagnosis from 2026-05-05 (production AIM is on `IMC1\SQLEXPRESS` Standard, not `IMC1\AIMSQL` Express). Confirmed AIMSQL is orphan (zero active clients, 2023-era DBs only). Unregistered the daily 02:30 AIMSQL restart task (it was restarting the wrong instance). Audit artifacts left on disk at `C:\Windows\Temp\aimsql-restart.{ps1,log}`. No service touches. | DIAGNOSED | | 2026-05-05 | Howard | Initial AIM "connection broken" diagnosis on Station 1. GuruRMM client/site provisioned, IMC1 enrolled (agent `fa99e913-1027-4e33-a928-7695e31068e7`). Scheduled `MSSQL$AIMSQL` restart for 02:30 — fired clean but had no effect (wrong instance, see 2026-05-06 entry). | SUPERSEDED | | 2026-04-28 | Howard | Provisioned `DESKTOP-KRHQ5TS` for Manda (new GM): joined to imc.local onsite, AD account created, Outlook M365 configured, Office activated, AIMsi `USER#=4` per Leslie. Ticket #32218 invoiced, 1.5 hrs from prepay (14.0 → 12.5). Confirmed `ServerIMC` (192.168.0.63) is a real authentication-degrading phantom DC (SRV/A claim DC, LDAP/Kerberos refuse). | DEPLOYED |