sync: auto-sync from HOWARD-HOME at 2026-06-02 14:20:08

Author: Howard Enos Machine: HOWARD-HOME Timestamp: 2026-06-02 14:20:08
2026-06-02 14:20:17 -07:00
parent 920588cfab
commit b430c4c7c7
3 changed files with 94 additions and 4 deletions
--- a/wiki/clients/lonestar-electrical.md
+++ b/wiki/clients/lonestar-electrical.md
@@ -2,9 +2,10 @@
 type: client
 name: lonestar-electrical
 display_name: Lone Star Electrical Systems LLC
-last_compiled: 2026-06-01
-compiled_by: GURU-5070/claude-main
+last_compiled: 2026-06-02
+compiled_by: HOWARD-HOME/claude-main
 sources:
+  - clients/lonestar-electrical/session-logs/2026-06-02-session.md
  - clients/lonestar-electrical/session-logs/2026-06-01-session.md
  - clients/lonestar-electrical/session-logs/2026-05-29-sophos-removal.md
  - clients/lonestar-electrical/docs/apple-mdm-setup-reference.md
@@ -64,6 +65,19 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee

 - **LS-1, LS-2** — Windows workstations at the **Norris site**; both upgraded to Win11 on 2026-05-04 (Syncro #32244). Both were inherited from the **previous MSP** with **Sophos Endpoint Protection** (managed via the previous MSP's Sophos Central — no ACG access). Sophos removal is in progress (see Patterns and Active Work). Both enrolled in **GuruRMM** during the 2026-05 removal work; ScreenConnect + GuruRMM agents registered for Safe Mode (`SafeBoot\Network`).

+### Unraid Server
+
+- **Status:** Running Unraid **7.1.4** as of 2026-06-02 (migrated to new USB flash drive).
+- **Hostname:** [verify]
+- **LAN IP:** [verify]
+- **License type:** [verify — Basic / Plus / Pro]
+- **Boot device:** New USB flash drive (written via Unraid USB Creator, 7.1.4). Original failed stick: label `UNRAID`, `/dev/sda1`, Generic Flash Disk 8GB — retired but kept as temporary backup until new stick confirmed stable.
+- **Config:** Old `config/` folder (array assignments `super.dat`, shares, network settings, license `.key`) copied from the failing stick onto the new one. Disk layout and array configuration preserved; only the OS files are fresh.
+- **License:** Re-registered to the new USB GUID via Unraid webGUI Tools > Registration > Replace Key on 2026-06-02.
+- **Root credentials:** Carried over from the old `config/shadow`; root password is NOT yet vaulted for this client. Only ACG's own Unraid boxes are vaulted (`infrastructure/jupiter-unraid-primary.sops.yaml`, `infrastructure/uranus-unraid.sops.yaml`). [verify and vault]
+- **Array/disk layout:** [verify — confirm all disks landed in correct slots from copied `super.dat`]
+- **Health check:** Mike's Claude session was running a check on 2026-06-02 post-migration — results pending.
+
 ---

 ## Access
@@ -72,6 +86,7 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee
 - **ManageEngine MDM:** mike@azcomputerguru.com (Zoho Super Admin) — https://mdm.manageengine.com/webclient
 - **GWS service account (programmatic):** `ACG-MSP-Access (Google Workspace)` (vault: MSP Tools); key file `temp/acg-msp-access-8f72339997e5.json`
 - **Vault root:** `clients/lonestar-electrical/` in vault repo
+- **Unraid server:** root credentials not yet vaulted [verify and vault]

 ---

@@ -82,6 +97,7 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee
 - **ManageEngine + Google Workspace dual-EMM trap (resolved 2026-03-24).** A personal phone repeatedly prompted for MDM enrollment when the user added their Lonestar Google account. Root cause was **two independent triggers**: (1) ManageEngine MDM self-enrollment was enabled for all directory groups, AND (2) ManageEngine was configured as a **third-party EMM provider inside Google Workspace** (Devices > Mobile & endpoints > Settings > Third-party integrations). The Google integration enforces enrollment on any device that adds a Lonestar account — independent of ManageEngine's own self-enrollment setting. **Fix required both:** disable ManageEngine self-enrollment (Enrollment > Self Enrollment > Disable) AND remove ManageEngine as the third-party EMM in the GWS Admin Console. Disabling only one leaves the prompt in place. Company tablets enrolled directly via QR code are unaffected by either change.
 - **Google Workspace, not M365.** Reach for GWS Admin Console + the ACG-MSP-Access service account for identity work. The M365 remediation-tool app suite does not apply to this client.
 - **Field/mobile-first.** Most tickets are phone/tablet/field-device oriented (iPhone field setup, tablet PDF editing). Expect mobile, not desktop, as the primary support surface — the LS-1/LS-2 desktop work is the exception, not the norm.
+- **Recurring `bzfirmware` checksum boot error = failing USB flash drive.** Replace the stick (Unraid USB Creator + copy old `config/` + re-register license to new GUID). Do NOT just replace the file — if the error recurs after a file-level fix, the stick itself is failing. Reusable for any Unraid box.

 ---

@@ -90,6 +106,11 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee
 No open Syncro tickets as of 2026-06-01.

 - **Sophos removal on LS-1 / LS-2 (IN PROGRESS).** `SophosED.sys` kernel boot driver still present and active on both machines; most user-mode Sophos services removed from LS-2. Offline WinRE completion step pending on both (delete driver, disable SED service in offline hive, reboot, `SophosZap --confirm`). Handed off to Howard via coord message `689cfb7c` (2026-06-01). A Syncro ticket "Sophos Endpoint Removal - LS-1 and LS-2" was drafted — verify it exists before logging time.
+- **Unraid server USB replacement done (2026-06-02); PENDING:**
+  - Create Syncro ticket documenting the USB failure, replacement (Unraid 7.1.4 via USB Creator), config copy, and license re-registration.
+  - Capture and fold in the results of Mike's server health check (array start state, disk assignments, parity validity, registration status).
+  - Verify array integrity: confirm all disks landed in correct slots from the copied `super.dat`; ensure no unwanted parity rebuild was triggered.
+  - Vault the Lonestar Unraid root password and document the server in the wiki (hostname, IP, Unraid 7.1.4, license type).

 ---

@@ -106,16 +127,18 @@ No open Syncro tickets as of 2026-06-01.
 | 2026-05-05 | iPhone field setup (#32251) |
 | 2026-05-28/29 | Sophos removal on LS-1/LS-2 begun: enrolled in GuruRMM, removed Datto startup conflict (LS-2), registered Safe Mode agents, removed user-mode Sophos; blocked by `SophosED.sys` kernel driver — WinRE offline removal staged (Ventoy USB), completion pending |
 | 2026-06-01 | Recovered the (previously unlogged) Sophos removal context, reconstructed it into a session log, and handed the WinRE completion procedure to Howard via coordinator (msg `689cfb7c`) |
+| 2026-06-02 | Unraid server USB flash drive failed (recurring bzfirmware checksum error); migrated to new stick (Unraid 7.1.4 via USB Creator), copied old config/, re-registered license to new GUID |

 ---

 ## Compilation Notes

+- Refreshed 2026-06-02 (recompile by HOWARD-HOME/claude-main) to absorb the 2026-06-02 session log: added Unraid server infrastructure subsection, new `bzfirmware` checksum pattern, history row, and pending Active Work items.
 - Refreshed 2026-06-01 (full recompile) to incorporate the 2026-05-28/29 Sophos removal work, which had previously been lost — it was never written to a session log and survived only in a gitignored temp draft (`.claude/tmp/ollama_prompt.txt`) and coord message `8a5cb25c`. A proper session log was reconstructed at `clients/lonestar-electrical/session-logs/2026-05-29-sophos-removal.md` before this compile.
 - Seeded 2026-05-26 from two March session logs + credentials.md + vault entry + temp provisioning scripts, enriched with live Syncro data (customer 33809612).
 - **Vault slug is `lonestar-electrical`** (matches `clients/lonestar-electrical/` in the vault), though session logs and temp scripts use the un-hyphenated `lonestar`.
 - Lonestar work now lives in both `clients/lonestar-electrical/` (docs + session-logs) and root session logs / `temp/` scripts.
- Flagged `[verify]`: billing rate; exact roles/names for James, Kyla, Russ; full workstation inventory.
+- Flagged `[verify]`: billing rate; exact roles/names for James, Kyla, Russ; full workstation inventory; Unraid server hostname/IP/license type/root credentials.

 ## Backlinks