sync: auto-sync from HOWARD-HOME at 2026-06-01 10:26:59

Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-06-01 10:26:59

clients/lens-auto-brokerage/docs/gururmm-deployment.md

@@ -0,0 +1,95 @@
+# Len's Auto Brokerage — GuruRMM Agent Deployment
+
+**Status:** IN PROGRESS (started 2026-06-01, Howard)
+**Method:** ScreenConnect (workgroup — no AD domain, GPO not used)
+**GuruRMM site:** Len's Auto Brokerage / "Main" — site code **`UPPER-STAR-2820`** (this code IS the enrollment key)
+**Target:** ~10 Windows endpoints + the EOL lab-server (enroll to monitor until decommission)
+
+## Enrollment command (run on each endpoint via ScreenConnect, ELEVATED PowerShell)
+
+Standard (modern Windows 10/11 / Server 2016+):
+```powershell
+irm https://rmm.azcomputerguru.com/install/UPPER-STAR-2820/windows | iex
+```
+
+Explicit fallback (if the hosted installer is blocked):
+```powershell
+$u='https://rmm-api.azcomputerguru.com/downloads/gururmm-agent-windows-amd64-latest.exe'
+$d='C:\Windows\Temp\gururmm-agent.exe'
+Invoke-WebRequest $u -UseBasicParsing -OutFile $d
+& $d install --server-url 'wss://rmm-api.azcomputerguru.com/ws' --api-key 'UPPER-STAR-2820'
+```
+
+The agent installs as a SYSTEM service and auto-registers on first WS connect; it appears in the
+dashboard under Len's Auto Brokerage / Main within seconds.
+
+## lab-server (Server 2008 SP2, 192.168.1.241) — SPECIAL HANDLING / likely fails
+
+Server 2008 SP2 (6.0.6002) is EOL and predates TLS 1.2-by-default + the modern Windows runtime
+the Rust agent is built against. Expect problems:
+
+1. **TLS:** old PowerShell defaults to TLS 1.0 — the `irm | iex` download will fail. Force TLS 1.2 first:
+   ```powershell
+   [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+   $u='https://rmm-api.azcomputerguru.com/downloads/gururmm-agent-windows-amd64-latest.exe'
+   $d='C:\Windows\Temp\gururmm-agent.exe'
+   (New-Object Net.WebClient).DownloadFile($u,$d)
+   & $d install --server-url 'wss://rmm-api.azcomputerguru.com/ws' --api-key 'UPPER-STAR-2820'
+   ```
+2. **Binary may not run at all** on 2008 SP2 (missing API sets / UCRT). If it errors on launch,
+   that is EXPECTED — do not burn time on it. Note the failure here and rely on the planned
+   decommission instead. (This is consistent with the box being retired anyway.)
+
+## Reconciliation — 2026-06-01 (Syncro asset list vs GuruRMM)
+
+Howard enrolled all machines online in the last ~2 months via ScreenConnect. Source list = Syncro
+assets (15 machines). Logic: a machine in Syncro but absent from RMM = offline >2 months (being
+removed from Syncro). GuruRMM shows 8 online agents under Len's / Main.
+
+### Enrolled & online (8)
+| Hostname (RMM) | Syncro list match | Notes |
+|---|---|---|
+| DESKTOP-0J55V6L | DESKTOP-0J55V6L | Win 11 Home |
+| DESKTOP-JDQMLCE | DESKTOP-JDQMLCE | Win 11 Pro |
+| EV-DAWG | EV-DAWG | Win 11 Pro |
+| Josh-Lens | JOSH-LENS | Win 11 Pro |
+| LAB-Becky | LAB-BECKY | Win 10 Pro |
+| LAB-DAWN | LAB-DAWN | Win 11 Pro |
+| LAB-MADONNA | LAB-MADONNA | Win 11 Pro |
+| LAB-SVR | = DESKTOP-BMBTQLI (rebuilt) | Win Server 2019. CONFIRMED via SN 3M1D1T12PD + IP .81: this is the old DESKTOP-BMBTQLI rebuilt to Server 2019 (installed 4/15/2026) and renamed. CURRENT production server. |
+
+### Missing from RMM = offline >2mo / Syncro-deleted (no action)
+DESKTOP-LJ825H1, LAB-005252, MATT, PARKER.
+(DESKTOP-BMBTQLI is NOT missing — it was rebuilt + renamed to LAB-SVR, which IS enrolled.)
+
+### Resolved 2026-06-01 (Howard)
+- **LENS-SV = the new server = LAB-SVR in RMM.** One physical box (HPE MicroServer Gen10+ v2,
+  SN 3M1D1T12PD, Server 2019, IP .81): Syncro tracks it as LENS-SV, GuruRMM enrolled it as LAB-SVR,
+  the old overview doc called it DESKTOP-BMBTQLI. All the same machine — enrolled & online. Accounted for.
+  (Minor: RMM hostname LAB-SVR vs Syncro name LENS-SV — cosmetic; rename later if desired.)
+- **LAB-SERVER** (Server 2008, .241, old Xeon E3-1220 v3) — NOT enrolling. Agent will not install on
+  Server 2008 (confirmed decision). Leave it; decommission will handle it.
+
+### Deployment status: COMPLETE & RECONCILED
+All machines online in the last ~2 months are enrolled (8 agents). Offline>2mo machines are being
+removed from Syncro (no action). desertRV machines tracked separately. Optional: walkthrough +
+user self-installer to catch any straggler.
+
+### desertRV machines (do NOT belong to Len's)
+- DESERTRVSERVER — online, NOT in GuruRMM anywhere; no desertRV client/site exists yet. Needs a
+  desertRV group created + fresh enroll. Tracked separately.
+- DRV-TK-DESKTOP — DRV- prefix, also a likely desertRV machine; absent from RMM.
+
+### Catch any stragglers (Howard's plan)
+- Physical walkthrough of the site to spot any machine missed.
+- Hand users the self-installer (site code UPPER-STAR-2820) so they can enroll their own machines.
+
+## Verification
+
+After a batch, confirm enrollment count from the RMM API (or ask Claude `/rmm` to check):
+- Client "Len's Auto Brokerage" `bc76984f-8dc9-42e7-b978-c8def1143144`, site "Main" `d8f69cd8-5c42-43bc-ae45-9cc6078d37fb`.
+- Done when all live endpoints show online/heartbeating.
+
+## Reference
+- Network 192.168.1.0/24, WAN 174.77.67.237. ScreenConnect present.
+- Installer download verified live 2026-06-01 (HTTP 200, ~4.9 MB, built same day).

clients/lens-auto-brokerage/docs/overview.md

@@ -13,8 +13,8 @@
 ## Servers
 | Hostname | IP | Hardware | OS | Notes |
 |----------|-----|---------|-----|-------|
-| DESKTOP-BMBTQLI | 192.168.1.81 | HPE ProLiant MicroServer Gen10 Plus v2 (SN: 3M1D1T12PD) | TBD | **Current server** — 16GB RAM, Tower. Last user: Localadmin. Last boot: 2026-03-13 |
-| lab-server | 192.168.1.241 | TBD | Windows Server 2008 SP2 (6.0.6002) | **OLD SERVER — EOL.** RDP enabled 2026-04-13. To be decommissioned. |
+| LAB-SVR (Syncro: LENS-SV; was DESKTOP-BMBTQLI) | 192.168.1.81 | HPE ProLiant MicroServer Gen10 Plus v2 (SN: 3M1D1T12PD, MAC 5C:ED:8C:EA:FD:60) | Windows Server 2019 Standard (10.0.17763) | **CURRENT / NEW SERVER.** One box, three names: Syncro=LENS-SV, GuruRMM=LAB-SVR, old doc=DESKTOP-BMBTQLI. Server 2019 installed 2026-04-15, 16GB RAM. Enrolled in GuruRMM 2026-06-01. |
+| LAB-SERVER (was lab-server) | 192.168.1.241 | HP ProLiant ML310e Gen8 v2 (SN: MX253500HB, MAC 94:57:A5:8E:08:99) | Windows Server 2008 Standard (6.0.6002) | **OLD SERVER — EOL**, WORKGROUP. Still powered (uptime 79d as of 2026-06-01) but NOT in GuruRMM. To be decommissioned. Agent likely won't run on 2008 (TLS1.2 + runtime). |
 
 ## Migration Plan
 - Move **Deskman** from lab-server to DESKTOP-BMBTQLI

session-logs/2026-06-01-howard-client-status-and-qwm.md

@@ -80,3 +80,46 @@ Coord API (server-side, not repo):
 - Onboarding docs: `.claude/skills/remediation-tool/references/{gotchas.md,tenants.md}`, `scripts/onboard-tenant.sh`. GDAP groups: `clients/internal-infrastructure/scripts/add-rob-to-gdap-groups.ps1` (13 M365 GDAP groups + AdminAgents in tenant ce61461e).
 - Coord API: `http://172.16.3.30:8001/api/coord`. Todos this session: 46bda3ec(done), bf09d843, 72060fc8, 7221c025, 10536f07.
 - Syncro #32279: https://computerguru.syncromsp.com/tickets/110305905
+
+---
+
+## Update: 10:26 PT — Len's Auto Brokerage GuruRMM deployment (complete) + Dataforth handoff
+
+### Summary
+Executed and reconciled the Len's Auto Brokerage GuruRMM rollout. Resolved the enrollment key from
+agent source: the **site code `UPPER-STAR-2820` IS the enrollment credential** (the site's api_key is
+null, irrelevant for the `.exe install --api-key <site_code>` / WS auto-register path). Installer
+confirmed live. Environment is a workgroup (no AD domain), so delivery was via **ScreenConnect**, not
+GPO. Howard enrolled all machines online in the last ~2 months.
+
+Reconciled GuruRMM (8 online agents) against the Syncro asset list (15). All online-in-2mo machines
+enrolled. Key identity resolution: **LAB-SVR (RMM) = LENS-SV (Syncro) = the new/current server**, one
+HPE MicroServer Gen10+ v2 (SN 3M1D1T12PD, Server 2019, IP .81) that the old overview doc had called
+DESKTOP-BMBTQLI. The old **LAB-SERVER** (Server 2008, .241) is deliberately NOT enrolled — agent won't
+run on 2008; decommission handles it. Offline>2mo machines (DESKTOP-LJ825H1, LAB-005252, MATT, PARKER)
+are being removed from Syncro — no action. desertRV machines (DESERTRVSERVER, DRV-TK-DESKTOP) belong to
+a separate group that doesn't exist in GuruRMM yet.
+
+### Decisions
+- ScreenConnect delivery (workgroup, no domain → GPO not viable).
+- Site code = enrollment key (verified in agent source, not guessed).
+- Do not enroll the EOL Server 2008 box; let decommission handle it.
+- Re-scoped the desertRV todo to its own client key (was mis-filed under Len's).
+
+### Config / coord changes
+- Created: `clients/lens-auto-brokerage/docs/gururmm-deployment.md` (runbook + reconciliation).
+- Modified: `clients/lens-auto-brokerage/docs/overview.md` (server table — LAB-SVR/LENS-SV identity, LAB-SERVER EOL).
+- Coord: component `clients-lens-auto-brokerage/gururmm-deployment` = deployed (reconciled); deployment lock `01eae532` claimed + released.
+- Todos: `3aeb3f2b` (desertRV stand-up, ->howard), `a0b890ae` closed (superseded/re-scoped), `37543f7f` (Dataforth optical-tester, ->howard).
+
+### Infrastructure
+- Len's: 192.168.1.0/24, WAN 174.77.67.237, ScreenConnect. GuruRMM client `bc76984f`, site "Main" `d8f69cd8` / code `UPPER-STAR-2820`. 8 agents online.
+- New server LAB-SVR/LENS-SV: HPE MicroServer Gen10+ v2, SN 3M1D1T12PD, Server 2019 (installed 4/15/2026), 192.168.1.81.
+- Old EOL server LAB-SERVER: HP ProLiant ML310e Gen8 v2, SN MX253500HB, Server 2008, 192.168.1.241 (up 79d, not in RMM).
+
+### Pending / Next
+- **NEXT SESSION (after /clear): Dataforth optical-tester** (todo `37543f7f`, Mike's request) — VLAN the
+  XP optical tester + give it backup to a server; XP can't do modern SMB, so it must reach the legacy
+  NAS or an SMB1-capable server. Scope SMB1 narrowly (security).
+- desertRV stand-up (todo `3aeb3f2b`).
+- Len's optional follow-up: site walkthrough + user self-installer (`UPPER-STAR-2820`) to catch stragglers; cosmetic LAB-SVR vs LENS-SV hostname mismatch.