sync: auto-sync from HOWARD-HOME at 2026-06-20 07:34:29

Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-06-20 07:34:29

clients/khalsa/PROJECT_STATE.md

@@ -2,7 +2,7 @@
 
 > READ THIS before starting work on this client.
 > UPDATE THIS when you begin work (claim a lock) and when you finish (release lock + log changes).
-> Last updated: 2026-04-20
+> Last updated: 2026-06-19
 
 ---
 
@@ -18,16 +18,26 @@
 
 ## Current State
 
-**Status:** ONBOARDING
-**Last Activity:** 2026-04-16
+**Status:** ONBOARDING (server inventory now captured)
+**Last Activity:** 2026-06-19
 
-New client. Standard directory template applied 2026-04-16. Onboarding not yet complete. Directory contains only a `docs/` subfolder — minimal information captured.
+Server + network inventory discovered 2026-06-19 via Syncro asset API + ScreenConnect
+telemetry (triggered by Celeste Duitman asking whether the "Trout server" can be
+retired). Three servers documented; on-box live audit of TROUT still pending.
 
 ---
 
 ## Infrastructure / Access
 
-No infrastructure details recorded yet. Check `clients/khalsa/docs/` for any notes captured during initial onboarding.
+- **Remote access:** ScreenConnect (computerguru.screenconnect.com) + Splashtop + Syncro RMM.
+  Site-to-site VPN to ACG (vault `clients/khalsa/ucg`, 172.16.50.x) is BROKEN — on-net
+  IPs not reachable from ACG; use ScreenConnect/Syncro.
+- **Domain:** khalsa.local; DC = TROUT (10.11.12.254). Network 10.11.12.0/22.
+- **Servers:** TROUT (Camden, DC/DNS/file/QB, ONLINE), SALMON (River, standalone file/QB,
+  ONLINE), KHALSADC2 (intended 2nd DC, OFFLINE since 2025-08). See `docs/servers/`.
+- **Vault:** `clients/khalsa/{ucg,switch,accountant-machine}.sops.yaml`. No TROUT/SALMON
+  server creds vaulted yet (local admin = kms-admin; domain admin = guru).
+- **Key risk:** TROUT is the only live DC; C: at 10% free; no captured backups.
 
 ---
 
@@ -43,6 +53,7 @@ No infrastructure details recorded yet. Check `clients/khalsa/docs/` for any not
 | Date | By | Change | Status |
 |------|-----|--------|--------|
 | 2026-04-16 | Howard | Standard client directory structure applied | IN PROGRESS |
+| 2026-06-19 | Howard | Server/network inventory captured (TROUT, SALMON, KHALSADC2) via Syncro+ScreenConnect; answered Celeste re TROUT retirement | DONE |
 
 ---
 

clients/khalsa/docs/overview.md

@@ -1,42 +1,73 @@
 # Client Overview
 
+Khalsa Montessori School (Syncro customer 9456554). Also referred to by the
+client as "Khalsa Family Services" / "Khalsa Schools". Fish-named servers
+(TROUT, SALMON). Two sites: Camden and River.
+
 ## Company Name
-Khalsa
+Khalsa Montessori School
 
 ## Primary Contact
-- Name:
+- Name: Celeste Duitman (Khalsa Family Services)
 - Phone:
 - Email:
+- Note: 2026-06-19 asked whether the "Trout server" can be retired (it used to host
+  Schoolmaster, now archived). Answer: no, not as-is — TROUT is the live DC/DNS/file/
+  QuickBooks server. See servers/camden/TROUT.md.
 
-## IT Contact
-- Name:
-- Phone:
-- Email:
+## IT / Billing Contacts (from Syncro)
+- lulu.camacho@khalsaschools.org (asset contact on Syncro account)
 
 ## Contract Details
-- Service Level:
-- Hours Covered:
-- Contract Renewal Date:
+- Service Level: (not documented)
+- Hours Covered: (not documented)
+- Contract Renewal Date: (not documented)
 
-## Environment Summary
-- Total Users:
-- Total Locations: 2
-- Domain Name:
-- RMM Agent Count:
-- Workstation Count:
-- Server Count:
+## Environment Summary (live data 2026-06-19)
+- Total Users: (not documented)
+- Total Locations: 2 (Camden, River)
+- Domain Name: khalsa.local (Camden DC = TROUT @ 10.11.12.254)
+- Network: 10.11.12.0/22 (Camden 10.11.12.x, River 10.11.14.x); gateway 10.11.12.1
+- Site WAN egress: 50.145.145.190
+- Remote access: ScreenConnect (computerguru.screenconnect.com) + Splashtop; Syncro RMM agents
+- Site-to-site VPN to ACG (172.16.50.x): documented but BROKEN ("VPN routing issue") — on-net IPs not reachable from ACG; manage via ScreenConnect/Syncro
+- Server Count: 3 known (2 live + 1 offline)
+- RMM/Workstation Count: ~20 Syncro device assets (see Inventory)
+
+## Servers
+| Host | Site | IP | OS | Role | Status |
+|------|------|----|----|------|--------|
+| TROUT | Camden | 10.11.12.254 | WS2016 Std | DC + DNS + file (K:) + QuickBooks | ONLINE |
+| SALMON | River | 10.11.14.76 | WS2016 Std | Standalone file/QuickBooks (River) | ONLINE |
+| KHALSADC2 | ? | ? | WS2016 Eval | Intended 2nd DC | OFFLINE since 2025-08 |
+
+See servers/camden/TROUT.md, servers/river/SALMON.md, servers/camden/KHALSADC2.md.
+
+## Workstation/Device Inventory (Syncro, 2026-06-19)
+~20 Syncro device assets incl.: DESKTOP-MAN1CGE, DESKTOP-RKKR9KN, DESKTOP-M45ARIN,
+LAPTOP-NIBQP9LG, LAPTOP-JCSPNNA5, LAPTOP-AGN1DMAR, LAPTOP-KJJB0R90, KMS-LT11-1,
+KMS-LT11-2, KHALSA-R-LT1, KHALSA-R-LT2, UE-DONAGHY-L, PRIME-RTG-PC, AD-KHALSA-D-FRO,
+CAM-LULU-D, DESKTOP-9LT4ICC, AD-JANICE-D, CAM-STAFFROOM-D.
 
 ## Locations
-
 ### Camden
 - Address:
 - Phone:
-- Primary Use:
+- Primary Use: Main office; hosts TROUT (DC/DNS/QuickBooks/file)
 
 ### River
 - Address:
 - Phone:
-- Primary Use:
+- Primary Use: Second site; hosts SALMON (standalone file/QuickBooks)
+
+## Key Risks / Open Items
+- TROUT C: drive at 10% free (12 GB) — low-disk risk.
+- No DC redundancy: TROUT is the only live DC (KHALSADC2 offline). TROUT failure = outage.
+- No backup configuration captured for any server — VERIFY backups exist.
+- Windows Defender is the only AV on servers.
+- Onboarding still incomplete: M365/Azure, contacts (phones/emails), contract terms,
+  backup, and per-server share/app detail not yet captured.
 
 ## Notes
-<!-- General notes about this client -->
+Data captured via Syncro asset API + ScreenConnect session telemetry on 2026-06-19.
+On-box live audit still needed to itemize TROUT's shares/folders and installed software.

clients/khalsa/docs/servers/camden/KHALSADC2.md

@@ -0,0 +1,31 @@
+# Server: KHALSADC2
+
+> Source: live data from Syncro asset 10778071 (Khalsa Montessori School), captured
+> 2026-06-19. STALE — agent has not reported since 2025-08-19.
+
+## General Info
+- Hostname: KHALSADC2
+- IP Address: unknown (not captured)
+- OS: Microsoft Windows Server 2016 Standard **Evaluation** (unlicensed eval build)
+- Physical / Virtual: Physical (whitebox — "To Be Filled By O.E.M.")
+- Location: unknown (named as second DC; presumed Camden)
+- Last boot: 2025-07-09
+- Last Syncro report: 2025-08-19
+- Status: **OFFLINE / not reporting since mid-2025** — abandoned or decommissioned
+
+## Hardware
+- Make/Model: whitebox / OEM-unfilled
+- CPU: Intel Core i5-4430 @ 3.00 GHz (desktop-class)
+- RAM: 8 GB
+- Storage: Samsung SSD 850 EVO 500 GB + a 57 GB SanDisk USB stick
+
+## Roles and Services
+- Intended as a **second domain controller** ("DC2") for khalsa.local, added ~Feb 2025.
+- Appears to have been a temporary/eval DC that was never finished or was retired.
+  It is NOT providing AD redundancy today.
+
+## Significance
+- Because KHALSADC2 is offline, **TROUT is the only functioning DC** for khalsa.local.
+  The domain currently has no DC redundancy — a TROUT failure = full network/login outage.
+- If this box still physically exists and is recoverable, it is a poor candidate for a
+  permanent DC (eval license, desktop CPU, USB-stick storage). Plan a proper replacement.

clients/khalsa/docs/servers/camden/TROUT.md

@@ -0,0 +1,70 @@
+# Server: TROUT
+
+> Source: live data from Syncro asset 2294092 + ScreenConnect session "TROUT"
+> (Khalsa Montessori School), captured 2026-06-19. Roles marked [confirmed] are
+> from agent telemetry; roles marked [indicated] are inferred from support-ticket
+> history and need on-box confirmation via a live audit.
+
+## General Info
+- Hostname: TROUT
+- IP Address: 10.11.12.254 (static; /22 mask 255.255.252.0 -> 10.11.12.0/22)
+- Public IP (site WAN): 50.145.145.190
+- OS: Microsoft Windows Server 2016 Standard
+- OS Version: build 14393.6981 (release 1607)
+- Physical / Virtual: Physical (reports a Dell Virtual Disk via PERC; bare-metal box)
+- Location: Camden ("Camden server")
+- Domain: khalsa.local (this host IS the domain)
+- DNS config: dns1 = 127.0.0.1 (self), dns2 = 10.11.12.254 (self); gateway 10.11.12.1
+- Last boot: 2026-03-11
+- Status: ONLINE (agent heartbeat 2026-06-19)
+
+## Hardware (physical)
+- Make/Model: Dell PowerEdge T110 II
+- Serial / Service Tag: 1V20R22
+- CPU: Intel Xeon E31220 @ 3.10 GHz (4 threads)
+- RAM: 16 GB (2x 8 GB)
+- Storage: 1x Dell Virtual Disk (PERC), 931 GB raw
+- Note: ~2012-era hardware, aging
+
+## Disk Usage (2026-06-19)
+- C: (system): 120 GB total, **12 GB free (10% free)** — CRITICALLY LOW
+- All fixed disks: 927 GB total, 437 GB free (47% free)
+- Total used: ~490 GB; data volume (D:) holds ~380 GB of files
+
+## Roles and Services
+- [x] Domain Controller [confirmed] — sole functioning DC for khalsa.local (KHALSADC2 offline since mid-2025)
+- [x] DNS Server [confirmed] — primary DNS for both sites (PCs at River also point here)
+- [ ] DHCP Server — unconfirmed (gateway 10.11.12.1 may serve DHCP; verify on-box)
+- [x] File Server [indicated] — users map a **K: drive** (tickets #32016)
+- [x] Application Server / QuickBooks host [indicated] — QuickBooks company files
+      (tickets #31904 "Camden server can't get on QBs after power outage", #32047
+      "move QBs from Camden to River")
+- [ ] Print Server — unconfirmed
+- [ ] Database Server — unconfirmed (legacy Schoolmaster + SQL removed per client; verify no SQL remains)
+- [ ] Backup Target — unconfirmed
+- [ ] RDS / Terminal Server — unconfirmed
+- [ ] Hyper-V Host — unconfirmed
+
+## History / Schoolmaster
+- Formerly hosted **Schoolmaster** (school management app). Per Celeste Duitman
+  (Khalsa Family Services, 2026-06-19) Schoolmaster is no longer used and has been
+  archived. TROUT has since taken on DC/DNS/file/QuickBooks duties, so it CANNOT be
+  removed as-is despite Schoolmaster being gone.
+
+## AV / Security
+- AV: Windows Defender only
+- Local admin account: kms-admin (last interactive); KHALSA\guru also used
+
+## Decommission notes
+To retire TROUT you must first migrate its live roles:
+1. Promote a replacement DC + DNS (SALMON, a new box, or move to M365/Entra) — there
+   is currently NO healthy second DC.
+2. Move file shares (K:) and QuickBooks data to the replacement.
+3. Transfer FSMO roles + DNS, demote TROUT, then power off.
+This is a planned migration, not an unplug. Age + near-full C: make retirement sensible.
+
+## Remaining unknowns (need live on-box audit)
+- Exact share list + per-folder sizes on D:
+- Full installed-software list (confirm no SQL/Schoolmaster remnants)
+- Whether DHCP/print roles run here
+- Backup status (no backup configuration captured)

clients/khalsa/docs/servers/river/SALMON.md

@@ -0,0 +1,46 @@
+# Server: SALMON
+
+> Source: live data from Syncro asset 6746237 (Khalsa Montessori School), captured
+> 2026-06-19. Role is inferred (standalone server, not a DC) and needs on-box
+> confirmation via a live audit.
+
+## General Info
+- Hostname: SALMON
+- IP Address: 10.11.14.76 (DHCP; /22 mask 255.255.252.0 -> 10.11.12.0/22)
+- Public IP (site WAN): 50.145.145.190 (same egress as TROUT in telemetry)
+- OS: Microsoft Windows Server 2016 Standard
+- OS Version: build 14393.6796 (release 1607)
+- Physical / Virtual: Physical
+- Location: River (10.11.14.x subnet)
+- Domain: NOT domain-joined (domain field blank; last login SALMON\kms-admin = local account)
+- DNS config: dns1 = 10.11.12.254 (TROUT), dns2 = 10.11.12.1; gateway 10.11.12.1; DHCP server 10.11.12.1
+- Last boot: 2026-03-25
+- Status: ONLINE (agent heartbeat 2026-06-19)
+
+## Hardware (physical)
+- Make/Model: Dell PowerEdge T130
+- Serial / Service Tag: 8Z8FPD2
+- CPU: Intel Xeon E3-1220 v5 @ 3.00 GHz
+- RAM: 8 GB
+- Storage: 2x Toshiba DT01ACA050 (465.76 GB each; likely mirrored)
+
+## Disk Usage (2026-06-19)
+- C: (system): 463 GB total, 239 GB free (51% free)
+- All fixed disks: 929 GB total, 608 GB free (65% free)
+- Total used: ~321 GB
+
+## Roles and Services
+- [ ] Domain Controller — NO (standalone/workgroup)
+- [ ] DNS Server — NO (uses TROUT for DNS)
+- [x] File Server [indicated] — likely the River-site file/QuickBooks server
+      (ticket #32047 "move QBs from Camden to River"); ~321 GB of data present
+- Other roles unconfirmed — needs live audit
+
+## AV / Security
+- AV: Windows Defender only
+- Local admin account: kms-admin
+
+## Notes
+- Most likely candidate to absorb TROUT's file/QuickBooks data in a TROUT
+  decommission, OR to be promoted to a domain controller. Has ~600 GB free.
+- Naming convention: Khalsa servers are fish-named (TROUT, SALMON).

errorlog.md

@@ -23,6 +23,8 @@ Categories (the `[type]` tag): _(none)_ = skill/command execution failure ·
 
 2026-06-19 | GURU-5070 | rmm/onboard vault | [friction] stashed onboard vars in a scratch .env and sourced it; NAME=Jimmy Company (unquoted space) made 'source' exec the 2nd word as a command and left NAME unset -> vault file written with client: null. Fix: quote values when writing the env (printf '%s=%q'), or read back with grep|cut not source. [ctx: machine=GURU-5070 client=jimmy]
 
+2026-06-19 | Howard-Home | ix/whm-api | [friction] WHM /json-api/cpanel UAPI Fileman get_file_content returned empty 'file' param (error: file does not exist); wasted calls. Fix: for IX cPanel file reads/edits use paramiko SFTP with root creds from vault infrastructure/ix-server, not the WHM UAPI file wrapper
+
 2026-06-19 | GURU-5070 | coord/self-check publish | [friction] coord-queue.jsonl queued a census with an MSYS-mangled URL path (/api/coord/... -> C:/Program Files/Git/api/coord/...) AND was git-tracked (not gitignored), so a stale RED census propagated to the repo and could clobber a published GREEN if drained. Fix: gitignore .claude/coord-queue.jsonl; the queue writer must prefix the curl path with the full coord_api base or set MSYS2_ARG_CONV_EXCL/MSYS_NO_PATHCONV to stop path conversion. [ctx: machine=GURU-5070 ref=CLAUDE.md-softfail-queue]
 2026-06-19 | Howard-Home | unifi-wifi/gw-sitemanager | find subcommand crashed: GET /v1/hosts -> HTTP 500, then JSON decode traceback (no graceful handling of non-JSON error body) [ctx: client=khalsa cmd=find]
 

wiki/clients/khalsa.md

@@ -2,8 +2,8 @@
 type: client
 name: khalsa
 display_name: Khalsa
-last_compiled: 2026-05-24
-compiled_by: DESKTOP-0O8A1RL/claude-main
+last_compiled: 2026-06-19
+compiled_by: GURU-5070/claude-main
 sources:
   - clients/khalsa/docs/overview.md
   - clients/khalsa/docs/cloud/m365.md
@@ -31,17 +31,18 @@ sources:
 
 ## Overview
 
-New client in ONBOARDING status as of 2026-04-16. Standard client directory structure applied by Howard. Multi-site environment with two locations: **Camden** and **River**. Onboarding is incomplete — infrastructure details, contacts, and credentials have not yet been captured to the vault.
+Khalsa Montessori School (Syncro customer 9456554; also called "Khalsa Family Services" / "Khalsa Schools"). ONBOARDING status; multi-site (**Camden** + **River**). **Server + network inventory captured 2026-06-19** via Syncro asset API + ScreenConnect telemetry (triggered by Celeste Duitman asking whether the "Trout server" can be retired). M365/Azure, contract terms, and per-server share/app detail still pending.
 
-- **Business type:** *(not documented)*
+- **Business type:** Montessori school
 - **Locations:** 2 (Camden, River)
-- **Total users:** *(not documented)*
-- **Billing model:** *(not documented)*
-- **Billing rate:** *(not documented)*
+- **Domain:** khalsa.local (network 10.11.12.0/22; gateway 10.11.12.1; WAN egress 50.145.145.190)
+- **Servers:** 3 known — TROUT (Camden DC, online), SALMON (River standalone, online), KHALSADC2 (intended 2nd DC, offline since 2025-08)
+- **Remote access:** ScreenConnect + Splashtop + Syncro RMM. Site-to-site VPN to ACG (vault `clients/khalsa/ucg`, 172.16.50.x) is BROKEN — manage via ScreenConnect/Syncro
+- **Primary contact:** Celeste Duitman (Khalsa Family Services); asset contact lulu.camacho@khalsaschools.org
+- **Billing model / hours:** *(not documented)*
 - **Contract status:** ONBOARDING — terms not yet documented
-- **Hours remaining:** *(not documented)*
 
-[WARNING] All template fields in overview.md, m365.md, azure.md, rmm.md, antivirus.md, and backup.md are blank. The only substantive technical content in the entire client directory is `docs/apple-domain-join.md`. Onboarding must be completed before this client can be effectively supported.
+[WARNING] M365/azure/rmm/antivirus/backup template files still blank. No server backup configuration captured — VERIFY backups exist. Servers run Windows Defender only.
 
 ---
 
@@ -60,16 +61,23 @@ All contact fields in overview.md are blank. No primary contact, IT contact, nam
 
 No server or workstation inventory has been captured. The following is known only from `docs/apple-domain-join.md`:
 
-### Known Servers
+### Known Servers (live data 2026-06-19)
 
-| Hostname | IP | Role | OS | Notes |
-|----------|----|------|----|-------|
-| TROUT | 10.11.12.254 | Domain Controller, Primary DNS | *(not documented)* | khalsa.local domain; DNS forwarder at 10.11.12.1 |
-| *(unknown)* | 10.11.12.243 | DNS server | *(not documented)* | [WARNING] This is a DNS server but NOT the DC — do not confuse the two |
+| Hostname | Site | IP | Role | OS | Hardware | Disk used | Status |
+|----------|------|----|------|----|----------|-----------|--------|
+| TROUT | Camden | 10.11.12.254 | **DC + DNS + file (K:) + QuickBooks** | WS2016 Std | Dell PowerEdge T110 II (S/N 1V20R22), Xeon E31220, 16 GB | ~490 GB / 927 GB; **C: only 12 GB free (10%)** | ONLINE |
+| SALMON | River | 10.11.14.76 | Standalone file/QuickBooks (not a DC; workgroup) | WS2016 Std | Dell PowerEdge T130 (S/N 8Z8FPD2), Xeon E3-1220 v5, 8 GB | ~321 GB / 929 GB | ONLINE |
+| KHALSADC2 | ? | *(unknown)* | Intended 2nd DC (eval license, whitebox) | WS2016 **Eval** | i5-4430, 8 GB, 500 GB SSD + USB | n/a | **OFFLINE since 2025-08-19** |
+
+Detail: `clients/khalsa/docs/servers/{camden/TROUT,river/SALMON,camden/KHALSADC2}.md`.
+
+[WARNING] TROUT is the **only functioning DC** — KHALSADC2 has not reported since mid-2025, so AD has NO redundancy. A TROUT failure = full login/DNS outage.
+
+**TROUT retirement (Celeste's question):** TROUT used to host Schoolmaster (now archived/unused), but it has since become the Camden DC/DNS/file/QuickBooks server, so it CANNOT be removed as-is. To retire it: promote a replacement DC+DNS (SALMON or new box, or move to M365/Entra), migrate K:/QuickBooks data, transfer FSMO + DNS, demote, then power off.
 
 ### Workstations
 
-*(not documented)*
+~20 Syncro device assets (Camden + River): DESKTOP-MAN1CGE, DESKTOP-RKKR9KN, DESKTOP-M45ARIN, LAPTOP-NIBQP9LG/JCSPNNA5/AGN1DMAR/KJJB0R90, KMS-LT11-1/2, KHALSA-R-LT1/2, UE-DONAGHY-L, PRIME-RTG-PC, AD-KHALSA-D-FRO, CAM-LULU-D, DESKTOP-9LT4ICC, AD-JANICE-D, CAM-STAFFROOM-D. (10.11.12.243 noted in apple-domain-join.md as a non-DC DNS host — role unconfirmed in this pass.)
 
 ### Active Directory
 

wiki/index.md

@@ -45,7 +45,7 @@ Run `/wiki-lint` to check for stale entries and broken backlinks.
 | [The Law Offices of Chris Scileppi](clients/scileppi-law.md) | Law firm; Syncro ID 9601863; Sylvia Mac mini (M2 8 GB) mail memory exhaustion; Mail disabled; on webmail; replacement Mac mini (M4 16/24 GB) pending order; GuruRMM enrollment blocked | 2026-05-24 |
 | [Western Tire](clients/western-tire.md) | Tire retail (jackfurriers.com brand); Mike Furrier owner (Syncro ID 391491); email migrated from websvr to IX 2026-04-22; 30 mailboxes; SSL cert expires 2026-05-30 | 2026-05-24 |
 | [Kittle Design & Construction LLC](clients/kittle.md) | **Canonical Kittle article.** GC Tucson AZ; Syncro 32460233; M365 kittlearizona.com (tenant 3d073ebe); **major June 2026 BEC/ACH-fraud incident** — Ken+marco+Accounting compromised, fraudulent bank-change to City of Tucson + Town of Marana ($130K+ exposure, PREVENTED, no loss), IC3 filed; root cause = April credential theft + incomplete remediation (password never reset → ~2mo persistence); CA hardened + Entra P2 added 6/9; HPE MicroServer WS2025 EVAL, no backups/firewall | 2026-06-09 |
-| [Khalsa (two-site)](clients/khalsa.md) | Two-site client (Camden + River); onboarding not completed; domain khalsa.local, DC TROUT at 10.11.12.254; Mac domain-join runbook documented; template docs otherwise empty | 2026-05-24 |
+| [Khalsa (two-site)](clients/khalsa.md) | Khalsa Montessori School (Syncro 9456554); two-site (Camden + River); domain khalsa.local on 10.11.12.0/22. **Server inventory captured 2026-06-19** (Syncro+ScreenConnect): TROUT (Camden, 10.11.12.254) = sole live DC+DNS+file(K:)+QuickBooks on aging Dell T110 II, ~490GB used, C: only 10% free; SALMON (River, 10.11.14.76) = standalone file/QB server; KHALSADC2 = intended 2nd DC OFFLINE since 2025-08 (no AD redundancy). **TROUT can't be removed as-is** (Schoolmaster gone but it now runs DC/DNS/QB) — needs role migration first. No server backups captured; VPN to ACG broken (manage via ScreenConnect). M365/contract terms still pending | 2026-06-19 |
 | [Lone Star Electrical Systems](clients/lonestar-electrical.md) | Electrical contractor Tucson AZ; Syncro 33809612, prepaid block 13.5 hrs; Google Workspace (not M365); ManageEngine MDM (Zoho); Unraid server (7.1.4, USB migrated 2026-06-02); LS-1/LS-2 Sophos removal COMPLETE (2026-06-02); Defender active on both; field/mobile-first | 2026-06-02 |
 | [Anaise](clients/anaise.md) | Single workstation client; contact David (anaisedavid.office@gmail.com); DESKTOP-O8GF4SD; creds in vault at clients/anaise/desktop-o8gf4sd.sops.yaml; onboarding incomplete; M365 enrollment unconfirmed | 2026-05-24 |
 | [ACG Website (azcomputerguru.com)](clients/azcomputerguru.com.md) | Public website redesign (Astro); score 33/40; placeholder testimonials + no-backend form are pre-launch blockers; OKLCH token design system; see internal-infrastructure.md for ACG servers | 2026-05-24 |