diff --git a/.claude/memory/MEMORY.md b/.claude/memory/MEMORY.md index bebfbe25..ba8696f7 100644 --- a/.claude/memory/MEMORY.md +++ b/.claude/memory/MEMORY.md @@ -208,3 +208,4 @@ - [Remediation-tool has full M365 access (incl. SharePoint)](reference_remediation_tool_365_access.md) — the app suite covers Graph/EXO/Defender/SharePoint; don't declare "no access" on an accessDenied. SharePoint app-only needs a CERT (secret = "Unsupported app only token"); use get-token.sh `sharepoint`/`sharepoint-admin` tiers + CSOM admin API (Graph /admin/sharepoint/settings scope not held). Full map: skill references/app-permissions-and-sharepoint.md. - [AV migration: Bitdefender -> Datto EDR](project_av_migration_bitdefender_to_edr.md) — retire Bitdefender fleet-wide except Dataforth; end-state per machine = GuruRMM + Datto EDR - [RMM deploy via ScreenConnect](reference_rmm_deploy_via_screenconnect.md) — push GuruRMM agent to client workstations via SC send-command (SYSTEM), not DC remote-exec (DCOM/schtasks blocked on Win11 clients) +- [ScreenConnect custom-property slots](reference_screenconnect_custom_property_slots.md) — CP1=Company CP2=Site CP3=Department CP4=Device Type CP8=Tag (API hides labels; UpdateSessionCustomProperties replaces the whole array) diff --git a/.claude/memory/reference_screenconnect_custom_property_slots.md b/.claude/memory/reference_screenconnect_custom_property_slots.md new file mode 100644 index 00000000..8567fabe --- /dev/null +++ b/.claude/memory/reference_screenconnect_custom_property_slots.md @@ -0,0 +1,28 @@ +--- +name: reference_screenconnect_custom_property_slots +description: ACG ScreenConnect custom-property slot -> label mapping (CP1..CP8) for session tagging +metadata: + type: reference +--- + +ACG's ConnectWise ScreenConnect instance (`computerguru.screenconnect.com`) custom-property +slot order, reverse-engineered 2026-07-03 from a labeled test session (HOWARD-HOME, values +"howard company / howards site / Howard department / howard type / ... / howard tag"): + +- **CP1** (index 0) = **Company** +- **CP2** (index 1) = **Site** +- **CP3** (index 2) = **Department** +- **CP4** (index 3) = **Device Type** +- CP5 (index 4) = unused/other +- CP6 (index 5) = unused/other +- CP7 (index 6) = unused/other +- **CP8** (index 7) = **Tag** + +The API does NOT expose the property LABELS (only values), so this mapping is the reference. +`UpdateSessionCustomProperties [sessionID, [cp1..cp8]]` REPLACES the whole 8-element array — always +read the session's current values first, modify only the slots you intend, write the full array back. +Set via the `[[screenconnect]]` skill: `sc.py set-properties --session --props-json '[...8...]' --confirm`. +Read via `GetSessionsByName` -> `.CustomPropertyValues`. + +Used by the GPS->RMM audit ScreenConnect cleanup (`projects/gps-rmm-audit/`): normalize Company, +set Site/Department/Device Type/Tag per machine, dedupe sessions. diff --git a/errorlog.md b/errorlog.md index d6eee8e8..2d744353 100644 --- a/errorlog.md +++ b/errorlog.md @@ -19,6 +19,8 @@ Categories (the `[type]` tag): _(none)_ = skill/command execution failure · +2026-07-04 | Howard-Home | rmm/bot-alerts | [correction] did ~74 agent deploys + 16 client onboards this session but only posted 1 bot-alert (Russo rename); /rmm mandates a #dev-alerts post after every write. Correct: alert per workflow (or a consolidated summary for a batch), not silence. + 2026-07-04 | Howard-Home | python/windows | [friction] open(path,'w') defaults to cp1252 on Windows so em-dash/smart-quotes wrote as invalid UTF-8 (0x97), later decode failed; fix: open(...,encoding='utf-8') 2026-07-04 | Howard-Home | bash/env | [friction] curl inside a while-read loop steals the loop's stdin -> returns empty/partial; fix: add 'DF - Dataforth'; set Site D1/D2 on 19 via hostname prefix (safe rule: prefix/suffix -D1-/-D2- only, so AD1/AD2 servers aren't miscategorized) = D1:8, D2:11; 31 non-prefixed remain blank (Phase B via UniFi); 1 pre-existing 'CC' left. eng-dev-server dup flagged for manual console removal (API can't delete sessions); DF-D2-Training-LT has no live SC session. Dev-alert posted. + +Next: Phase B Part 1 = Device Type (CP4) for all 51 + Department (CP3) where derivable from hostname/wiki; Part 2 = UniFi (UDM-Dataforth connector) map switch/AP -> D1/D2 for the 31 blanks. Bash 2-min default timeout keeps cutting SC batches - use timeout 600000; SC writes are idempotent so re-runs are safe.