sync: auto-sync from HOWARD-HOME at 2026-07-03 21:44:00

Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-07-03 21:44:00
This commit is contained in:
2026-07-03 21:44:26 -07:00
parent fceb7c6075
commit c18e74ed1c
4 changed files with 41 additions and 0 deletions

View File

@@ -208,3 +208,4 @@
- [Remediation-tool has full M365 access (incl. SharePoint)](reference_remediation_tool_365_access.md) — the app suite covers Graph/EXO/Defender/SharePoint; don't declare "no access" on an accessDenied. SharePoint app-only needs a CERT (secret = "Unsupported app only token"); use get-token.sh `sharepoint`/`sharepoint-admin` tiers + CSOM admin API (Graph /admin/sharepoint/settings scope not held). Full map: skill references/app-permissions-and-sharepoint.md.
- [AV migration: Bitdefender -> Datto EDR](project_av_migration_bitdefender_to_edr.md) — retire Bitdefender fleet-wide except Dataforth; end-state per machine = GuruRMM + Datto EDR
- [RMM deploy via ScreenConnect](reference_rmm_deploy_via_screenconnect.md) — push GuruRMM agent to client workstations via SC send-command (SYSTEM), not DC remote-exec (DCOM/schtasks blocked on Win11 clients)
- [ScreenConnect custom-property slots](reference_screenconnect_custom_property_slots.md) — CP1=Company CP2=Site CP3=Department CP4=Device Type CP8=Tag (API hides labels; UpdateSessionCustomProperties replaces the whole array)

View File

@@ -0,0 +1,28 @@
---
name: reference_screenconnect_custom_property_slots
description: ACG ScreenConnect custom-property slot -> label mapping (CP1..CP8) for session tagging
metadata:
type: reference
---
ACG's ConnectWise ScreenConnect instance (`computerguru.screenconnect.com`) custom-property
slot order, reverse-engineered 2026-07-03 from a labeled test session (HOWARD-HOME, values
"howard company / howards site / Howard department / howard type / ... / howard tag"):
- **CP1** (index 0) = **Company**
- **CP2** (index 1) = **Site**
- **CP3** (index 2) = **Department**
- **CP4** (index 3) = **Device Type**
- CP5 (index 4) = unused/other
- CP6 (index 5) = unused/other
- CP7 (index 6) = unused/other
- **CP8** (index 7) = **Tag**
The API does NOT expose the property LABELS (only values), so this mapping is the reference.
`UpdateSessionCustomProperties [sessionID, [cp1..cp8]]` REPLACES the whole 8-element array — always
read the session's current values first, modify only the slots you intend, write the full array back.
Set via the `[[screenconnect]]` skill: `sc.py set-properties --session <id> --props-json '[...8...]' --confirm`.
Read via `GetSessionsByName` -> `.CustomPropertyValues`.
Used by the GPS->RMM audit ScreenConnect cleanup (`projects/gps-rmm-audit/`): normalize Company,
set Site/Department/Device Type/Tag per machine, dedupe sessions.

View File

@@ -19,6 +19,8 @@ Categories (the `[type]` tag): _(none)_ = skill/command execution failure ·
<!-- Append entries below this line -->
2026-07-04 | Howard-Home | rmm/bot-alerts | [correction] did ~74 agent deploys + 16 client onboards this session but only posted 1 bot-alert (Russo rename); /rmm mandates a #dev-alerts post after every write. Correct: alert per workflow (or a consolidated summary for a batch), not silence.
2026-07-04 | Howard-Home | python/windows | [friction] open(path,'w') defaults to cp1252 on Windows so em-dash/smart-quotes wrote as invalid UTF-8 (0x97), later decode failed; fix: open(...,encoding='utf-8')
2026-07-04 | Howard-Home | bash/env | [friction] curl inside a while-read loop steals the loop's stdin -> returns empty/partial; fix: add </dev/null to the curl (or read from a file, or use python)

View File

@@ -123,3 +123,13 @@ Added a recency filter to needs-sc.py using kabuto_information.last_synced_at (u
Howard pushed a Syncro policy that installs ScreenConnect on the machines as they come online; some may install already, remainder tracked daily. NOTE: SC install alone does not install GuruRMM - after SC lands, GuruRMM still must be pushed via SC (our channel), unless the Syncro policy also runs the GuruRMM one-liner.
Next step (agreed, not yet done): close the loop - upgrade the daily GPS-RMM-Progress job to auto-push GuruRMM to needs-install machines once they have a live SC session (or add the GuruRMM one-liner to the Syncro SC policy). Billing findings to Winter/Mike remain HELD (do not send yet, per Howard).
## Update: 19:30 PT — ScreenConnect cleanup begun (Dataforth Phase A)
Started a ScreenConnect session-hygiene pass on the client machines we added to RMM, beginning with Dataforth. Reverse-engineered the SC custom-property slot mapping from a labeled test session (Howard entered known values on HOWARD-HOME): CP1=Company, CP2=Site, CP3=Department, CP4=Device Type, CP5-7 unused, CP8=Tag. Saved as memory reference_screenconnect_custom_property_slots. NOTE: the SC API hides property LABELS (only values); UpdateSessionCustomProperties REPLACES the whole 8-element array, so always read current values, change only intended slots, write back.
Dataforth findings: Company was a 3-way split (DF - Dataforth 39 / Dataforth Corp 10 / Dataforth Corporation 1); eng-dev-server had a duplicate session; CP2-8 (Site/Dept/DeviceType/Tag) all blank; RMM also lumps all 51 under site D1 (unreliable); D1 and D2 are one flat 192.168.0.0/24 subnet so IP can't distinguish building - needs UniFi switch/AP topology. Dataforth is NOT on the UOS controller but IS a cloud UDM (UDM-Dataforth) reachable via the Site Manager connector.
Phase A executed (all 51 sessions): normalized Company -> 'DF - Dataforth'; set Site D1/D2 on 19 via hostname prefix (safe rule: prefix/suffix -D1-/-D2- only, so AD1/AD2 servers aren't miscategorized) = D1:8, D2:11; 31 non-prefixed remain blank (Phase B via UniFi); 1 pre-existing 'CC' left. eng-dev-server dup flagged for manual console removal (API can't delete sessions); DF-D2-Training-LT has no live SC session. Dev-alert posted.
Next: Phase B Part 1 = Device Type (CP4) for all 51 + Department (CP3) where derivable from hostname/wiki; Part 2 = UniFi (UDM-Dataforth connector) map switch/AP -> D1/D2 for the 31 blanks. Bash 2-min default timeout keeps cutting SC batches - use timeout 600000; SC writes are idempotent so re-runs are safe.