azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync: auto-sync from HOWARD-HOME at 2026-06-02 20:00:25

Browse Source 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-06-02 20:00:25
This commit is contained in:
Howard Enos
2026-06-02 20:00:32 -07:00
parent e0643310a0
commit bba57a1d3e
3 changed files with 185 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
clients/dataforth/session-logs/2026-06-02-session.md Normal file
View File

@@ -0,0 +1,106 @@
# Dataforth Session Log — 2026-06-02
## User
- **User:** Howard Enos (howard)
- **Machine:** Howard-Home
- **Role:** tech
## Session Summary
Winter (Dataforth contact) asked Howard to clean up the Dataforth asset list in Syncro (customer_id 578095), removing machines no longer in service, so the account can be moved to metered per-asset billing. ACG pays per asset even after a machine is retired client-side, so stale records inflate the bill. The work was a read-only reconciliation across three systems we control — Syncro, Bitdefender GravityZone, and ScreenConnect — to determine which assets are genuinely dead versus merely missing one agent.
Pulled the full Syncro asset list (78 assets, 2 pages). Found 57 of 78 frozen at or before `updated_at = 2025-10-06`, with the rest showing recent check-ins — a hard cutoff indicating a fleet-wide Syncro agent break around that date rather than 57 machines retiring simultaneously. Confirmed no in-Syncro duplicate records (no shared computer_name/serial; the only MAC collisions were VirtualBox default adapters), so the frozen records are unique machines, not re-enrollment orphans. Pulled Bitdefender GravityZone for the Dataforth company (`64c94ef310db128bfa0d908f`, suffix `_578095` confirms the client): only 4 endpoints actively managed in "Custom Groups", 53 in the "Deleted" folder — Dataforth is being phased off Bitdefender, so BD-absence is NOT a decommission signal.
Howard then set the governing rule: a machine is **saved** if it has been online within 150 days in **any** of Syncro, ScreenConnect, or Bitdefender, and flagged for repair if alive in one system but broken in another. ScreenConnect was the missing third source. Reverse-engineered the ScreenConnect RESTful API extension auth (the vault note only said "CTRLAuthHeader + Origin"); the working scheme is `CTRLAuthHeader: <raw api_secret>` (no "Basic " prefix) + `Origin` header, method `GetSessionsByName` with `{"sessionName":"..."}`. The api user's session visibility is limited (agent session `Name` fields are blank), so the API alone could not enumerate Dataforth. Howard supplied a 15s screen recording of the ScreenConnect session list; extracted 10 frames via a pip-installed `imageio-ffmpeg` and read the online/offline + idle status for each machine.
The ScreenConnect data was decisive: ~21 machines that look dead in Syncro (frozen 2025-10-06) are online right now in ScreenConnect (AD1, AD2, SAGE-SQL, FILES-D1, MY9-PC, DANC0619, DFORTH-SHIP, etc.) — their boxes are fine, only the Syncro agent died. Final reconciliation of 78 assets: 20 keep (active in Syncro <150d), 21 save+flag (alive elsewhere, broken Syncro agent), 28 remove (dead in all three), 9 verify (servers with no agent anywhere — could be live console-only). Attempted the deletions via API but `DELETE /customer_assets/{id}` returned an HTML 404 (route not exposed for this token); stopped per the Syncro skill hard-rule, verified the test asset was untouched, and handed Howard a GUI delete list. Closed by saving a 5-step todo tree under `clients/dataforth` for Howard to execute tomorrow.
## Key Decisions
- **Drove removal decisions off Syncro last-checkin age, not Bitdefender presence.** BD is being decommissioned at Dataforth (only 4 of 57 endpoints still managed), so "gone from BD" only means the BD agent was uninstalled. Proven by GOLDSTAR19/DESKTOP-3PFA5I7 checking into Syncro today while showing BD-deleted.
- **Adopted Howard's 3-system OR rule** (online <150d in Syncro OR ScreenConnect OR Bitdefender → save + flag) instead of removing on Syncro-staleness alone. This saved 21 live machines from wrongful removal.
- **Split stale candidates into workstations vs servers.** Removing a live-but-agent-broken server also kills its monitoring, so 8 server-OS boxes absent from all three systems went to a VERIFY bucket rather than auto-remove.
- **Stopped after one failed DELETE rather than probing alternative endpoints,** per the Syncro skill hard-rule (unexpected response → stop). The API returned an HTML 404 page, indicating the route is not exposed for this integration token; deletions were routed to the Syncro GUI.
- **Treated ScreenConnect "Idle Xd" as a last-activity recency signal** even for currently-offline machines (e.g. DFASLB0519 idle 5h = active 5h ago → alive), so short-idle offline machines were saved.
## Problems Encountered
- **identity.json not at the assumed path.** The Syncro skill template referenced `D:/claudetools`; this machine is `C:/claudetools`. Corrected all script paths to `C:/claudetools/.claude/identity.json`.
- **Python could not open git-bash-style paths** (`/c/...`). Switched file paths in Python scripts to Windows form (`C:/claudetools/...`).
- **Syncro API responses contain unescaped control chars** — stripped with `tr -d '\000-\037'` before jq/json parsing, per the skill's documented quirk.
- **ScreenConnect API auth undocumented.** Probed method names (only `GetSessionsByName` exists) and auth header formats; the working combination is `CTRLAuthHeader: <raw secret>` + `Origin`. The api user sees only a handful of sessions by name (agent Names are blank), so the API could not enumerate Dataforth — resolved by reading frames from Howard's screen recording.
- **No ffmpeg / video libs installed.** Installed `imageio-ffmpeg` via pip (bundles a static ffmpeg) to extract frames from the .mp4.
- **`DELETE /customer_assets/{id}` returned HTML 404.** Asset deletion not available via this API token; verified the test asset (id 23845) was untouched and switched to GUI deletion.
- **Coord todos POST schema mismatch.** Required fields are `text`, `created_by_user`, `created_by_machine` (not `title`/`description`); a heredoc-in-function quoting bug silently dropped 5 subtasks — recreated them with direct POSTs.
## Configuration Changes
- No repo source files modified. All work products are machine-local under `C:/claudetools/.claude/tmp/` (gitignored, not synced):
- `dataforth_assets.json` — 78 Syncro assets (raw)
- `bd_endpoints.json`, `bd_lastseen.json` — Bitdefender GravityZone inventory + last-seen
- `remove_ids.json` — 28 confirmed-dead assets (id + name)
- `flag_ids.json` — 21 alive-but-broken machines
- `frames/f_001.jpg`..`f_010.jpg` — extracted ScreenConnect frames
- analysis scripts: `analyze_assets.py`, `dupe_check.py`, `reconcile.py`, `sc_status.py`, `bd_walk.py`, `bd_lastseen.py`, `sc_all.json`
- Installed pip package `imageio-ffmpeg` (user site) for frame extraction.
## Credentials & Secrets
- **ScreenConnect RESTful API** — vault: `msp-tools/screenconnect.sops.yaml` (fields `credentials.username`, `credentials.api_secret`). Host `https://computerguru.screenconnect.com`, extension-guid `2d558935-686a-4bd0-9991-07539f5fe749`.
- **Working auth (newly determined):** header `CTRLAuthHeader: <raw api_secret>` (NO "Basic " prefix) + header `Origin: https://computerguru.screenconnect.com`. Basic-auth in `Authorization` or a "Basic <b64>" CTRLAuthHeader both 401.
- **Only method that exists:** `POST /App_Extensions/<guid>/Service.ashx/GetSessionsByName` with body `{"sessionName":"<name>"}`. All other Get* method names return 500 "Web method does not exist". Match is on the session `Name` field (blank for unattended agents), so this api user enumerates only a few sessions — not full inventory. Custom props: CP1=Company, CP2=Site, CP3=Tag.
- **Syncro API** — per-user keys baked into the `/syncro` skill; Howard's integration token lacks (or Syncro does not expose) asset-delete scope (`DELETE /customer_assets/{id}` → HTML 404).
- No new secrets created.
## Infrastructure & Servers
- **Syncro PSA:** `https://computerguru.syncromsp.com/api/v1`; Dataforth customer_id `578095`; assets page `https://computerguru.syncromsp.com/customer_assets?customer_id=578095`.
- **Bitdefender GravityZone (ACG partner tenant):** Dataforth company id `64c94ef310db128bfa0d908f`; group tree = "Custom Groups" (`64c94ef410db128bfa0d9094`, 4 managed) + "Deleted" (`64c94ef410db128bfa0d9095`, 53 mostly unmanaged).
- **ScreenConnect:** `https://computerguru.screenconnect.com`.
- **Coord API:** `http://172.16.3.30:8001/api/coord/todos`.
- **Dataforth primary contact (Syncro):** Dan Center, dcenter@dataforth.com; invoice CC jantar@dataforth.com. GravityZone company owner field: Lee Payne.
## Commands & Outputs
```bash
# Syncro asset pull (paginate, strip control chars)
curl -s "$BASE/customer_assets?customer_id=578095&per_page=100&page=N&api_key=$KEY" | tr -d '\000-\037'
# Bitdefender: find company, walk group tree, pull lastSeen
py gz.py companies --json # -> 64c94ef310db128bfa0d908f Dataforth
py gz.py raw --module network --method getNetworkInventoryItems --params '{"parentId":"<co>","page":1,"perPage":100}'
py gz.py raw --module network --method getManagedEndpointDetails --params '{"endpointId":"<id>"}' # -> lastSeen
# ScreenConnect (WORKING auth):
curl -s -X POST "https://computerguru.screenconnect.com/App_Extensions/2d558935-686a-4bd0-9991-07539f5fe749/Service.ashx/GetSessionsByName" \
-H "CTRLAuthHeader: <api_secret>" -H "Origin: https://computerguru.screenconnect.com" \
-H "Content-Type: application/json" --data '{"sessionName":""}'
# Frame extraction
python -m pip install imageio-ffmpeg
"<imageio_ffmpeg ffmpeg>" -i "Recording 2026-06-02 185624.mp4" -vf "fps=1/1.5" -q:v 3 frames/f_%03d.jpg
# Syncro asset delete attempt (FAILED — route not exposed)
curl -s -X DELETE "$BASE/customer_assets/23845?api_key=$KEY" # -> HTML 404; asset still present (GET 200)
```
Reconciliation result: 78 assets → 20 keep / 21 save+flag / 28 remove / 9 verify.
## Pending / Incomplete Tasks
Saved as a coord todo tree under `clients/dataforth` (parent `103c48ad-7b31-4967-9388-065a91888e7c`), assigned to howard:
1. Delete the 28 confirmed-dead assets in the Syncro GUI (API won't delete).
2. Decide the 9 VERIFY servers (likely dead: OLD-AD2, EXCHANGE16, SAGETS-1; confirm: APPS, AD-3, AD-4, EXCHANGE, EPICOR, D2-ASSY-001).
3. Fix the 21 alive-but-broken machines — reinstall Syncro agent (do NOT delete).
4. Switch Dataforth to metered Syncro asset billing once clean.
5. Reply to Winter; flag the ~2025-10-06 fleet-wide Syncro agent break for investigation.
Open offer: persist remove/flag lists into the Dataforth wiki (tmp files are machine-local/unsynced); save ScreenConnect API auth to vault note + memory.
## Reference Information
- **28 REMOVE ids:** 23845, 149614, 9708445, 9357407, 9276901, 9212922, 9078651, 8824875, 8824867, 8726494, 8726485, 8657233, 8606209, 8572160, 8523941, 8411908, 8410614, 8632009, 8726495, 8421223, 9081717, 8726493, 8423782, 8726481, 8525650, 8622969, 8361459, 8670944
- **21 SAVE+FLAG:** AD1, AD2, SAGE-SQL, FILES-D1, ENG-DEV-SERVER, D2-MFG-001, D1-ENGI-012, MY9-PC, D1-CUST-003, DANC0619, DFORTH-SHIP, DF-LEE11-I9, DFASLB0519, D2-AS-26, HGHAUBNER, D1-PWRM, D1-ENGI-EMCLAB1, D1-CONF-002, D2-HIPOT-SURFAC, D2-AS-34, TS-41 (shows as STATION_41 in ScreenConnect)
- **9 VERIFY:** APPS, EXCHANGE, EXCHANGE16, AD-3, AD-4, OLD-AD2, SAGETS-1, EPICOR, D2-ASSY-001
- Coord parent todo: `103c48ad-7b31-4967-9388-065a91888e7c`
- Root cause flagged: fleet-wide Syncro agent stopped reporting ~2025-10-06 across ~half of Dataforth.

80
wiki/clients/dataforth.md
View File

@@ -2,7 +2,7 @@
type: client
name: dataforth
display_name: Dataforth Corporation
last_compiled: 2026-05-24
last_compiled: 2026-06-02
compiled_by: DESKTOP-0O8A1RL/claude-main
sources:
- clients/dataforth/docs/overview.md
@@ -40,6 +40,7 @@ sources:
- clients/dataforth/session-logs/2026-06-01-aoi-xp-vlan-share.md
- clients/dataforth/docs/aoi-xp-vlan-backup-runbook.md
- clients/dataforth/session-logs/2026-06-01-cbell-m365-bobbi-outlook.md
- clients/dataforth/session-logs/2026-06-02-session.md
backlinks:
- projects/dataforth-dos
- systems/jupiter
@@ -69,11 +70,13 @@ Signal conditioning / data acquisition manufacturer in Tucson, AZ. Long-standing
| Theresa Dean | tdean | Admin | tdean@dataforth.com |
| Joel Lohr | jlohr | **RETIRED 2026-03-31** — account intentionally kept enabled; inbox rule forwards ntirety.com notifications to mike@azcomputerguru.com | jlohr@dataforth.com |
| Ken Hoffman | khoffman / oemdata | TestDataSheetUploader author, external; also owns Dataforth product API | — |
| Winter | — | Dataforth contact who requested Syncro asset cleanup 2026-06-02 | — |
- **External distributor:** Ginger (gy@quatronix-cn.com) — Quatronix China; receives datasheets
- **Billing rate:** Prepaid block; all invoices show $0.00 — hours drawn from block
- **Hours remaining:** 46.5 hrs as of 2026-05-03 (after 1 hr billed that session). Always live-check Syncro before billing — `GET /customers/578095`.
- **Syncro customer ID:** 578095
- **Invoice CC:** jantar@dataforth.com
---
@@ -163,6 +166,71 @@ Signal conditioning / data acquisition manufacturer in Tucson, AZ. Long-standing
---
## Syncro Asset Inventory (2026-06-02 Reconciliation)
Pulled full Syncro asset list for customer_id `578095`: **78 assets** across 2 pages.
### Reconciliation Result
| Bucket | Count | Meaning |
|---|---|---|
| KEEP | 20 | Active in Syncro (<150 days since last check-in) |
| SAVE + FLAG | 21 | Alive in ScreenConnect or Bitdefender but Syncro agent broken; do NOT delete — reinstall agent |
| REMOVE | 28 | Dead in all three systems (Syncro + ScreenConnect + Bitdefender) |
| VERIFY | 9 | Servers with no agent anywhere; could be live console-only; confirm before removing |
**Governing rule (Howard's 3-system OR):** A machine is saved if it has been online within 150 days in ANY of Syncro, ScreenConnect, or Bitdefender. Removal only if dead in all three.
### SAVE + FLAG — alive but Syncro agent broken (21 machines)
AD1, AD2, SAGE-SQL, FILES-D1, ENG-DEV-SERVER, D2-MFG-001, D1-ENGI-012, MY9-PC, D1-CUST-003, DANC0619, DFORTH-SHIP, DF-LEE11-I9, DFASLB0519, D2-AS-26, HGHAUBNER, D1-PWRM, D1-ENGI-EMCLAB1, D1-CONF-002, D2-HIPOT-SURFAC, D2-AS-34, TS-41 (shows as STATION_41 in ScreenConnect)
### VERIFY — servers with no agent (9 machines)
APPS, EXCHANGE, EXCHANGE16, AD-3, AD-4, OLD-AD2, SAGETS-1, EPICOR, D2-ASSY-001
Likely dead: OLD-AD2, EXCHANGE16, SAGETS-1. Confirm before removing: APPS, AD-3, AD-4, EXCHANGE, EPICOR, D2-ASSY-001.
### REMOVE — confirmed dead in all systems (28 asset IDs)
Syncro asset IDs: 23845, 149614, 9708445, 9357407, 9276901, 9212922, 9078651, 8824875, 8824867, 8726494, 8726485, 8657233, 8606209, 8572160, 8523941, 8411908, 8410614, 8632009, 8726495, 8421223, 9081717, 8726493, 8423782, 8726481, 8525650, 8622969, 8361459, 8670944
**Deletion method:** Syncro GUI only (`https://computerguru.syncromsp.com/customer_assets?customer_id=578095`). API route `DELETE /customer_assets/{id}` returns HTML 404 for this integration token — not exposed.
### Root Cause — Fleet-wide Syncro Agent Break ~2025-10-06
57 of 78 assets show `updated_at` frozen at or before 2025-10-06, while the remaining 21 show recent check-ins. This is a hard cutoff, not gradual attrition — indicating a fleet-wide Syncro agent failure around that date. The machines stayed online (visible in ScreenConnect); only the Syncro agent stopped reporting. Root cause not yet investigated. Flag for Dan Center / Winter when replying.
### Pending Actions (Coord todo tree, parent `103c48ad-7b31-4967-9388-065a91888e7c`, assigned to Howard)
1. Delete the 28 confirmed-dead assets in Syncro GUI.
2. Decide the 9 VERIFY servers.
3. Reinstall Syncro agent on the 21 SAVE+FLAG machines.
4. Switch Dataforth to metered Syncro asset billing once clean.
5. Reply to Winter; flag the ~2025-10-06 fleet-wide agent break for investigation.
---
## Third-Party Tool Inventory
### Bitdefender GravityZone
- **Company ID:** `64c94ef310db128bfa0d908f` (suffix `_578095` confirms Dataforth mapping)
- **Status:** Dataforth is being **phased off Bitdefender**. Only 4 of 57 GravityZone endpoints remain in "Custom Groups" (actively managed); 53 are in the "Deleted" folder (mostly unmanaged).
- **[WARNING] Bitdefender absence is NOT a decommission signal for Dataforth.** A machine missing from BD may simply have had its BD agent uninstalled as part of the phase-off. Use Syncro or ScreenConnect as liveness indicators.
- GravityZone company owner field: Lee Payne.
### ScreenConnect
- **Host:** `https://computerguru.screenconnect.com`
- **Extension GUID:** `2d558935-686a-4bd0-9991-07539f5fe749`
- **Vault:** `msp-tools/screenconnect.sops.yaml` (fields `credentials.username`, `credentials.api_secret`)
- **Working API auth (determined 2026-06-02):** `CTRLAuthHeader: <raw api_secret>` (NO "Basic " prefix) + `Origin: https://computerguru.screenconnect.com`. Basic-auth or "Basic <b64>" in CTRLAuthHeader both return 401.
- **Only exposed method:** `POST /App_Extensions/<guid>/Service.ashx/GetSessionsByName` with body `{"sessionName":"<name>"}`. All other Get* method names return 500. Agent `Name` fields are blank for unattended sessions — this API cannot enumerate the full Dataforth fleet; name-based lookup only.
- Custom session properties: CP1=Company, CP2=Site, CP3=Tag.
---
## Access
### Domain / Server Access
@@ -237,11 +305,18 @@ Signal conditioning / data acquisition manufacturer in Tucson, AZ. Long-standing
- **Entra ID P2 not licensed** — IdentityRiskyUser risk check returns 403 even with scope consented. Would need P2 upgrade to enable Identity Protection.
- **IdentityRiskyUser.Read.All scope:** Consented to Security Investigator app but unusable (no P2 license).
### Syncro Asset Management
- **Fleet-wide Syncro agent break ~2025-10-06:** ~half of Dataforth machines stopped reporting to Syncro on or around that date while remaining online in ScreenConnect. Do NOT auto-remove machines frozen at that date without cross-checking ScreenConnect. Root cause unknown — needs investigation.
- **Bitdefender is NOT a liveness signal:** Dataforth is being phased off BD; 53 of 57 GravityZone endpoints are in the "Deleted" folder. Missing from BD = BD agent uninstalled, not machine dead.
- **API delete not available:** `DELETE /customer_assets/{id}` returns HTML 404 for the current integration token. All asset deletions must go through the Syncro GUI.
---
## Active Work
As of 2026-06-01:
As of 2026-06-02:
- **Syncro asset cleanup (2026-06-02):** 78-asset reconciliation complete. 28 confirmed-dead assets pending GUI deletion; 21 alive-but-broken machines need Syncro agent reinstall; 9 servers in VERIFY bucket. Move to metered billing once clean. Reply to Winter pending. Coord todo tree assigned to Howard (parent `103c48ad-7b31-4967-9388-065a91888e7c`). See [Syncro Asset Inventory](#syncro-asset-inventory-2026-06-02-reconciliation) above.
- **AOI XP backup + isolation (2026-06-01):** AOI optical-inspection XP PC moved to VLAN 2 (mydata/SMT) @ 192.168.1.175; locked-down SMB1 share `aoibackup` on D2TESTNAS (XP-only, user `admin`). Other NAS shares now deny the XP. Mike OK'd full SMT visibility ("it's part of SMT"). **Optional EOL hardening pending:** block XP → company LAN (except NAS 192.168.0.9) + Internet on the UDM, scoped to .175 (won't affect other SMT devices). Todo `37543f7f`.
@@ -279,6 +354,7 @@ As of 2026-06-01:
| 2026-05-12 | Pipeline audit + email notifications implemented (Graph API). jlohr forwarding configured (ntirety.com → mike@). DKIM keys rotated. |
| 2026-06-01 | AOI optical-inspection XP PC isolated onto VLAN 2 (mydata/SMT) @ 192.168.1.175; `aoibackup` SMB1 share created on D2TESTNAS locked to the XP only; other NAS shares set to deny the XP. D2TESTNAS confirmed Debian 13 / Samba 4.22.6 (repurposed Netgear ReadyNAS); vault + wiki OS corrected. Mike: AOI may see all of SMT; optional company-LAN/Internet block for the XP still pending. |
| 2026-06-01 | Chauncey Bell (cbell) M365 verified — active mailbox, licensed Microsoft 365 Business Standard (full Office + Exchange); AD password reset on AD2 (synced user, OU=Azure_Users), signed into Office. Bobbi's Outlook printing fixed by switching to Outlook (Classic). Ticket #32364 (0.5 hr onsite). |
| 2026-06-02 | Syncro asset reconciliation (78 assets): 20 keep / 21 save+flag / 28 remove / 9 verify. Root cause identified: fleet-wide Syncro agent break ~2025-10-06 silenced ~half the fleet while boxes stayed online (visible in ScreenConnect). Dataforth confirmed phasing off Bitdefender (only 4 of 57 GravityZone endpoints actively managed; 53 in Deleted folder). GUI delete list and 5-step todo tree handed to Howard. Move to metered billing pending cleanup. ScreenConnect API auth pattern documented (CTRLAuthHeader raw secret + Origin). |
---

2
wiki/index.md
View File

@@ -19,7 +19,7 @@ Run `/wiki-lint` to check for stale entries and broken backlinks.
| Article | Summary | Last Compiled |
|---|---|---|
| [Cascades of Tucson](clients/cascades-tucson.md) | Prepaid block $175/hr, ~28.0 hrs remaining; senior living; active domain migration + HIPAA compliance project; single DC on aging R610 hardware; open ticket #32370 (eFax + scanner onsite) | 2026-06-02 |
| [Dataforth Corporation](clients/dataforth.md) | Prepaid block ~$2,099/mo; signal conditioning manufacturer; 64 DOS test stations; 2025 crypto attack recovery; 2026-03-27 phishing incident + MFA rollout; active test datasheet pipeline project; Neptune Exchange colocated at D2 | 2026-05-24 |
| [Dataforth Corporation](clients/dataforth.md) | Prepaid block ~$2,099/mo; signal conditioning manufacturer; 64 DOS test stations; 2025 crypto attack recovery; 2026-03-27 phishing incident + MFA rollout; active test datasheet pipeline project; Neptune Exchange colocated at D2; 2026-06-02 Syncro asset reconciliation (78→20 keep/21 flag/28 remove/9 verify); fleet-wide Syncro agent break ~2025-10-06; Bitdefender phase-off in progress | 2026-06-02 |
| [Instrumental Music Center](clients/instrumental-music-center.md) | Prepaid block $175/hr, 12.5 hrs remaining; music retail/repair; AIMsi POS on SQL Server 2019; phantom DC causing slow logons; GuruRMM enrolled (IMC1) | 2026-05-24 |
| [Valley Wide Plastering](clients/valleywide.md) | Prepaid block, 10 hrs remaining; plastering/stucco contractor; HP DL360 Gen10 + XenServer; VB6 app modernization project; RDWeb brute-force incident; 11 Yealink phones pending | 2026-05-24 |
| [ACG Internal Infrastructure](clients/internal-infrastructure.md) | ACG's own hosting infra — Neptune Exchange (cert expires 2026-05-31, DkimSigner disabled), IX server, Cloudflare tunnel workaround, ACG M365 tenant gaps | 2026-05-24 |