sync: auto-sync from HOWARD-HOME at 2026-06-02 14:20:08
Author: Howard Enos Machine: HOWARD-HOME Timestamp: 2026-06-02 14:20:08
This commit is contained in:
@@ -2,9 +2,10 @@
|
||||
type: client
|
||||
name: lonestar-electrical
|
||||
display_name: Lone Star Electrical Systems LLC
|
||||
last_compiled: 2026-06-01
|
||||
compiled_by: GURU-5070/claude-main
|
||||
last_compiled: 2026-06-02
|
||||
compiled_by: HOWARD-HOME/claude-main
|
||||
sources:
|
||||
- clients/lonestar-electrical/session-logs/2026-06-02-session.md
|
||||
- clients/lonestar-electrical/session-logs/2026-06-01-session.md
|
||||
- clients/lonestar-electrical/session-logs/2026-05-29-sophos-removal.md
|
||||
- clients/lonestar-electrical/docs/apple-mdm-setup-reference.md
|
||||
@@ -64,6 +65,19 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee
|
||||
|
||||
- **LS-1, LS-2** — Windows workstations at the **Norris site**; both upgraded to Win11 on 2026-05-04 (Syncro #32244). Both were inherited from the **previous MSP** with **Sophos Endpoint Protection** (managed via the previous MSP's Sophos Central — no ACG access). Sophos removal is in progress (see Patterns and Active Work). Both enrolled in **GuruRMM** during the 2026-05 removal work; ScreenConnect + GuruRMM agents registered for Safe Mode (`SafeBoot\Network`).
|
||||
|
||||
### Unraid Server
|
||||
|
||||
- **Status:** Running Unraid **7.1.4** as of 2026-06-02 (migrated to new USB flash drive).
|
||||
- **Hostname:** [verify]
|
||||
- **LAN IP:** [verify]
|
||||
- **License type:** [verify — Basic / Plus / Pro]
|
||||
- **Boot device:** New USB flash drive (written via Unraid USB Creator, 7.1.4). Original failed stick: label `UNRAID`, `/dev/sda1`, Generic Flash Disk 8GB — retired but kept as temporary backup until new stick confirmed stable.
|
||||
- **Config:** Old `config/` folder (array assignments `super.dat`, shares, network settings, license `.key`) copied from the failing stick onto the new one. Disk layout and array configuration preserved; only the OS files are fresh.
|
||||
- **License:** Re-registered to the new USB GUID via Unraid webGUI Tools > Registration > Replace Key on 2026-06-02.
|
||||
- **Root credentials:** Carried over from the old `config/shadow`; root password is NOT yet vaulted for this client. Only ACG's own Unraid boxes are vaulted (`infrastructure/jupiter-unraid-primary.sops.yaml`, `infrastructure/uranus-unraid.sops.yaml`). [verify and vault]
|
||||
- **Array/disk layout:** [verify — confirm all disks landed in correct slots from copied `super.dat`]
|
||||
- **Health check:** Mike's Claude session was running a check on 2026-06-02 post-migration — results pending.
|
||||
|
||||
---
|
||||
|
||||
## Access
|
||||
@@ -72,6 +86,7 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee
|
||||
- **ManageEngine MDM:** mike@azcomputerguru.com (Zoho Super Admin) — https://mdm.manageengine.com/webclient
|
||||
- **GWS service account (programmatic):** `ACG-MSP-Access (Google Workspace)` (vault: MSP Tools); key file `temp/acg-msp-access-8f72339997e5.json`
|
||||
- **Vault root:** `clients/lonestar-electrical/` in vault repo
|
||||
- **Unraid server:** root credentials not yet vaulted [verify and vault]
|
||||
|
||||
---
|
||||
|
||||
@@ -82,6 +97,7 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee
|
||||
- **ManageEngine + Google Workspace dual-EMM trap (resolved 2026-03-24).** A personal phone repeatedly prompted for MDM enrollment when the user added their Lonestar Google account. Root cause was **two independent triggers**: (1) ManageEngine MDM self-enrollment was enabled for all directory groups, AND (2) ManageEngine was configured as a **third-party EMM provider inside Google Workspace** (Devices > Mobile & endpoints > Settings > Third-party integrations). The Google integration enforces enrollment on any device that adds a Lonestar account — independent of ManageEngine's own self-enrollment setting. **Fix required both:** disable ManageEngine self-enrollment (Enrollment > Self Enrollment > Disable) AND remove ManageEngine as the third-party EMM in the GWS Admin Console. Disabling only one leaves the prompt in place. Company tablets enrolled directly via QR code are unaffected by either change.
|
||||
- **Google Workspace, not M365.** Reach for GWS Admin Console + the ACG-MSP-Access service account for identity work. The M365 remediation-tool app suite does not apply to this client.
|
||||
- **Field/mobile-first.** Most tickets are phone/tablet/field-device oriented (iPhone field setup, tablet PDF editing). Expect mobile, not desktop, as the primary support surface — the LS-1/LS-2 desktop work is the exception, not the norm.
|
||||
- **Recurring `bzfirmware` checksum boot error = failing USB flash drive.** Replace the stick (Unraid USB Creator + copy old `config/` + re-register license to new GUID). Do NOT just replace the file — if the error recurs after a file-level fix, the stick itself is failing. Reusable for any Unraid box.
|
||||
|
||||
---
|
||||
|
||||
@@ -90,6 +106,11 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee
|
||||
No open Syncro tickets as of 2026-06-01.
|
||||
|
||||
- **Sophos removal on LS-1 / LS-2 (IN PROGRESS).** `SophosED.sys` kernel boot driver still present and active on both machines; most user-mode Sophos services removed from LS-2. Offline WinRE completion step pending on both (delete driver, disable SED service in offline hive, reboot, `SophosZap --confirm`). Handed off to Howard via coord message `689cfb7c` (2026-06-01). A Syncro ticket "Sophos Endpoint Removal - LS-1 and LS-2" was drafted — verify it exists before logging time.
|
||||
- **Unraid server USB replacement done (2026-06-02); PENDING:**
|
||||
- Create Syncro ticket documenting the USB failure, replacement (Unraid 7.1.4 via USB Creator), config copy, and license re-registration.
|
||||
- Capture and fold in the results of Mike's server health check (array start state, disk assignments, parity validity, registration status).
|
||||
- Verify array integrity: confirm all disks landed in correct slots from the copied `super.dat`; ensure no unwanted parity rebuild was triggered.
|
||||
- Vault the Lonestar Unraid root password and document the server in the wiki (hostname, IP, Unraid 7.1.4, license type).
|
||||
|
||||
---
|
||||
|
||||
@@ -106,16 +127,18 @@ No open Syncro tickets as of 2026-06-01.
|
||||
| 2026-05-05 | iPhone field setup (#32251) |
|
||||
| 2026-05-28/29 | Sophos removal on LS-1/LS-2 begun: enrolled in GuruRMM, removed Datto startup conflict (LS-2), registered Safe Mode agents, removed user-mode Sophos; blocked by `SophosED.sys` kernel driver — WinRE offline removal staged (Ventoy USB), completion pending |
|
||||
| 2026-06-01 | Recovered the (previously unlogged) Sophos removal context, reconstructed it into a session log, and handed the WinRE completion procedure to Howard via coordinator (msg `689cfb7c`) |
|
||||
| 2026-06-02 | Unraid server USB flash drive failed (recurring bzfirmware checksum error); migrated to new stick (Unraid 7.1.4 via USB Creator), copied old config/, re-registered license to new GUID |
|
||||
|
||||
---
|
||||
|
||||
## Compilation Notes
|
||||
|
||||
- Refreshed 2026-06-02 (recompile by HOWARD-HOME/claude-main) to absorb the 2026-06-02 session log: added Unraid server infrastructure subsection, new `bzfirmware` checksum pattern, history row, and pending Active Work items.
|
||||
- Refreshed 2026-06-01 (full recompile) to incorporate the 2026-05-28/29 Sophos removal work, which had previously been lost — it was never written to a session log and survived only in a gitignored temp draft (`.claude/tmp/ollama_prompt.txt`) and coord message `8a5cb25c`. A proper session log was reconstructed at `clients/lonestar-electrical/session-logs/2026-05-29-sophos-removal.md` before this compile.
|
||||
- Seeded 2026-05-26 from two March session logs + credentials.md + vault entry + temp provisioning scripts, enriched with live Syncro data (customer 33809612).
|
||||
- **Vault slug is `lonestar-electrical`** (matches `clients/lonestar-electrical/` in the vault), though session logs and temp scripts use the un-hyphenated `lonestar`.
|
||||
- Lonestar work now lives in both `clients/lonestar-electrical/` (docs + session-logs) and root session logs / `temp/` scripts.
|
||||
- Flagged `[verify]`: billing rate; exact roles/names for James, Kyla, Russ; full workstation inventory.
|
||||
- Flagged `[verify]`: billing rate; exact roles/names for James, Kyla, Russ; full workstation inventory; Unraid server hostname/IP/license type/root credentials.
|
||||
|
||||
## Backlinks
|
||||
|
||||
|
||||
@@ -41,7 +41,7 @@ Run `/wiki-lint` to check for stale entries and broken backlinks.
|
||||
| [Western Tire](clients/western-tire.md) | Tire retail (jackfurriers.com brand); Mike Furrier owner (Syncro ID 391491); email migrated from websvr to IX 2026-04-22; 30 mailboxes; SSL cert expires 2026-05-30 | 2026-05-24 |
|
||||
| [Kittle (general contractor)](clients/kittle.md) | General contractor Tucson AZ; Syncro 32460233; HPE MicroServer Gen11 WS2025 EVAL at 10.0.0.5; no backups, no firewall; DKIM/DMARC missing; 3 plaintext creds in Syncro notes; GuruRMM onboarding 2026-05-08 | 2026-05-24 |
|
||||
| [Khalsa (two-site)](clients/khalsa.md) | Two-site client (Camden + River); onboarding not completed; domain khalsa.local, DC TROUT at 10.11.12.254; Mac domain-join runbook documented; template docs otherwise empty | 2026-05-24 |
|
||||
| [Lone Star Electrical Systems](clients/lonestar-electrical.md) | Electrical contractor Tucson AZ; Syncro 33809612, prepaid block 17.0 hrs; Google Workspace (not M365); ManageEngine MDM (Zoho); 2026-03 dual-EMM self-enrollment trap resolved; LS-1/LS-2 inherited-Sophos kernel-driver removal in progress; field/mobile-first | 2026-06-01 |
|
||||
| [Lone Star Electrical Systems](clients/lonestar-electrical.md) | Electrical contractor Tucson AZ; Syncro 33809612, prepaid block 17.0 hrs; Google Workspace (not M365); ManageEngine MDM (Zoho); Unraid server (7.1.4, USB migrated 2026-06-02); LS-1/LS-2 inherited-Sophos kernel-driver removal in progress; field/mobile-first | 2026-06-02 |
|
||||
| [Anaise](clients/anaise.md) | Single workstation client; contact David (anaisedavid.office@gmail.com); DESKTOP-O8GF4SD; creds in vault at clients/anaise/desktop-o8gf4sd.sops.yaml; onboarding incomplete; M365 enrollment unconfirmed | 2026-05-24 |
|
||||
| [ACG Website (azcomputerguru.com)](clients/azcomputerguru.com.md) | Public website redesign (Astro); score 33/40; placeholder testimonials + no-backend form are pre-launch blockers; OKLCH token design system; see internal-infrastructure.md for ACG servers | 2026-05-24 |
|
||||
| [Quantum WMS](clients/quantumwms.md) | WMS company; quantumwms.com tenant (ddf3d2c9); GoDaddy decoupling + M365 migration; 2x Business Premium + Exchange Online Plan 1; deadline 2026-06-03; Tenant Admin consented 2026-05-26 | 2026-05-26 |
|
||||
|
||||
Reference in New Issue
Block a user