diff --git a/clients/khalsa/PROJECT_STATE.md b/clients/khalsa/PROJECT_STATE.md index 06b60c7f..6b48f09f 100644 --- a/clients/khalsa/PROJECT_STATE.md +++ b/clients/khalsa/PROJECT_STATE.md @@ -2,7 +2,7 @@ > READ THIS before starting work on this client. > UPDATE THIS when you begin work (claim a lock) and when you finish (release lock + log changes). -> Last updated: 2026-04-20 +> Last updated: 2026-06-19 --- @@ -18,16 +18,26 @@ ## Current State -**Status:** ONBOARDING -**Last Activity:** 2026-04-16 +**Status:** ONBOARDING (server inventory now captured) +**Last Activity:** 2026-06-19 -New client. Standard directory template applied 2026-04-16. Onboarding not yet complete. Directory contains only a `docs/` subfolder — minimal information captured. +Server + network inventory discovered 2026-06-19 via Syncro asset API + ScreenConnect +telemetry (triggered by Celeste Duitman asking whether the "Trout server" can be +retired). Three servers documented; on-box live audit of TROUT still pending. --- ## Infrastructure / Access -No infrastructure details recorded yet. Check `clients/khalsa/docs/` for any notes captured during initial onboarding. +- **Remote access:** ScreenConnect (computerguru.screenconnect.com) + Splashtop + Syncro RMM. + Site-to-site VPN to ACG (vault `clients/khalsa/ucg`, 172.16.50.x) is BROKEN — on-net + IPs not reachable from ACG; use ScreenConnect/Syncro. +- **Domain:** khalsa.local; DC = TROUT (10.11.12.254). Network 10.11.12.0/22. +- **Servers:** TROUT (Camden, DC/DNS/file/QB, ONLINE), SALMON (River, standalone file/QB, + ONLINE), KHALSADC2 (intended 2nd DC, OFFLINE since 2025-08). See `docs/servers/`. +- **Vault:** `clients/khalsa/{ucg,switch,accountant-machine}.sops.yaml`. No TROUT/SALMON + server creds vaulted yet (local admin = kms-admin; domain admin = guru). +- **Key risk:** TROUT is the only live DC; C: at 10% free; no captured backups. --- @@ -43,6 +53,7 @@ No infrastructure details recorded yet. Check `clients/khalsa/docs/` for any not | Date | By | Change | Status | |------|-----|--------|--------| | 2026-04-16 | Howard | Standard client directory structure applied | IN PROGRESS | +| 2026-06-19 | Howard | Server/network inventory captured (TROUT, SALMON, KHALSADC2) via Syncro+ScreenConnect; answered Celeste re TROUT retirement | DONE | --- diff --git a/clients/khalsa/docs/overview.md b/clients/khalsa/docs/overview.md index 0892de09..6b6f80ab 100644 --- a/clients/khalsa/docs/overview.md +++ b/clients/khalsa/docs/overview.md @@ -1,42 +1,73 @@ # Client Overview +Khalsa Montessori School (Syncro customer 9456554). Also referred to by the +client as "Khalsa Family Services" / "Khalsa Schools". Fish-named servers +(TROUT, SALMON). Two sites: Camden and River. + ## Company Name -Khalsa +Khalsa Montessori School ## Primary Contact -- Name: +- Name: Celeste Duitman (Khalsa Family Services) - Phone: - Email: +- Note: 2026-06-19 asked whether the "Trout server" can be retired (it used to host + Schoolmaster, now archived). Answer: no, not as-is — TROUT is the live DC/DNS/file/ + QuickBooks server. See servers/camden/TROUT.md. -## IT Contact -- Name: -- Phone: -- Email: +## IT / Billing Contacts (from Syncro) +- lulu.camacho@khalsaschools.org (asset contact on Syncro account) ## Contract Details -- Service Level: -- Hours Covered: -- Contract Renewal Date: +- Service Level: (not documented) +- Hours Covered: (not documented) +- Contract Renewal Date: (not documented) -## Environment Summary -- Total Users: -- Total Locations: 2 -- Domain Name: -- RMM Agent Count: -- Workstation Count: -- Server Count: +## Environment Summary (live data 2026-06-19) +- Total Users: (not documented) +- Total Locations: 2 (Camden, River) +- Domain Name: khalsa.local (Camden DC = TROUT @ 10.11.12.254) +- Network: 10.11.12.0/22 (Camden 10.11.12.x, River 10.11.14.x); gateway 10.11.12.1 +- Site WAN egress: 50.145.145.190 +- Remote access: ScreenConnect (computerguru.screenconnect.com) + Splashtop; Syncro RMM agents +- Site-to-site VPN to ACG (172.16.50.x): documented but BROKEN ("VPN routing issue") — on-net IPs not reachable from ACG; manage via ScreenConnect/Syncro +- Server Count: 3 known (2 live + 1 offline) +- RMM/Workstation Count: ~20 Syncro device assets (see Inventory) + +## Servers +| Host | Site | IP | OS | Role | Status | +|------|------|----|----|------|--------| +| TROUT | Camden | 10.11.12.254 | WS2016 Std | DC + DNS + file (K:) + QuickBooks | ONLINE | +| SALMON | River | 10.11.14.76 | WS2016 Std | Standalone file/QuickBooks (River) | ONLINE | +| KHALSADC2 | ? | ? | WS2016 Eval | Intended 2nd DC | OFFLINE since 2025-08 | + +See servers/camden/TROUT.md, servers/river/SALMON.md, servers/camden/KHALSADC2.md. + +## Workstation/Device Inventory (Syncro, 2026-06-19) +~20 Syncro device assets incl.: DESKTOP-MAN1CGE, DESKTOP-RKKR9KN, DESKTOP-M45ARIN, +LAPTOP-NIBQP9LG, LAPTOP-JCSPNNA5, LAPTOP-AGN1DMAR, LAPTOP-KJJB0R90, KMS-LT11-1, +KMS-LT11-2, KHALSA-R-LT1, KHALSA-R-LT2, UE-DONAGHY-L, PRIME-RTG-PC, AD-KHALSA-D-FRO, +CAM-LULU-D, DESKTOP-9LT4ICC, AD-JANICE-D, CAM-STAFFROOM-D. ## Locations - ### Camden - Address: - Phone: -- Primary Use: +- Primary Use: Main office; hosts TROUT (DC/DNS/QuickBooks/file) ### River - Address: - Phone: -- Primary Use: +- Primary Use: Second site; hosts SALMON (standalone file/QuickBooks) + +## Key Risks / Open Items +- TROUT C: drive at 10% free (12 GB) — low-disk risk. +- No DC redundancy: TROUT is the only live DC (KHALSADC2 offline). TROUT failure = outage. +- No backup configuration captured for any server — VERIFY backups exist. +- Windows Defender is the only AV on servers. +- Onboarding still incomplete: M365/Azure, contacts (phones/emails), contract terms, + backup, and per-server share/app detail not yet captured. ## Notes - +Data captured via Syncro asset API + ScreenConnect session telemetry on 2026-06-19. +On-box live audit still needed to itemize TROUT's shares/folders and installed software. diff --git a/clients/khalsa/docs/servers/camden/KHALSADC2.md b/clients/khalsa/docs/servers/camden/KHALSADC2.md new file mode 100644 index 00000000..c8a2a947 --- /dev/null +++ b/clients/khalsa/docs/servers/camden/KHALSADC2.md @@ -0,0 +1,31 @@ +# Server: KHALSADC2 + +> Source: live data from Syncro asset 10778071 (Khalsa Montessori School), captured +> 2026-06-19. STALE — agent has not reported since 2025-08-19. + +## General Info +- Hostname: KHALSADC2 +- IP Address: unknown (not captured) +- OS: Microsoft Windows Server 2016 Standard **Evaluation** (unlicensed eval build) +- Physical / Virtual: Physical (whitebox — "To Be Filled By O.E.M.") +- Location: unknown (named as second DC; presumed Camden) +- Last boot: 2025-07-09 +- Last Syncro report: 2025-08-19 +- Status: **OFFLINE / not reporting since mid-2025** — abandoned or decommissioned + +## Hardware +- Make/Model: whitebox / OEM-unfilled +- CPU: Intel Core i5-4430 @ 3.00 GHz (desktop-class) +- RAM: 8 GB +- Storage: Samsung SSD 850 EVO 500 GB + a 57 GB SanDisk USB stick + +## Roles and Services +- Intended as a **second domain controller** ("DC2") for khalsa.local, added ~Feb 2025. +- Appears to have been a temporary/eval DC that was never finished or was retired. + It is NOT providing AD redundancy today. + +## Significance +- Because KHALSADC2 is offline, **TROUT is the only functioning DC** for khalsa.local. + The domain currently has no DC redundancy — a TROUT failure = full network/login outage. +- If this box still physically exists and is recoverable, it is a poor candidate for a + permanent DC (eval license, desktop CPU, USB-stick storage). Plan a proper replacement. diff --git a/clients/khalsa/docs/servers/camden/TROUT.md b/clients/khalsa/docs/servers/camden/TROUT.md new file mode 100644 index 00000000..18f3ab97 --- /dev/null +++ b/clients/khalsa/docs/servers/camden/TROUT.md @@ -0,0 +1,70 @@ +# Server: TROUT + +> Source: live data from Syncro asset 2294092 + ScreenConnect session "TROUT" +> (Khalsa Montessori School), captured 2026-06-19. Roles marked [confirmed] are +> from agent telemetry; roles marked [indicated] are inferred from support-ticket +> history and need on-box confirmation via a live audit. + +## General Info +- Hostname: TROUT +- IP Address: 10.11.12.254 (static; /22 mask 255.255.252.0 -> 10.11.12.0/22) +- Public IP (site WAN): 50.145.145.190 +- OS: Microsoft Windows Server 2016 Standard +- OS Version: build 14393.6981 (release 1607) +- Physical / Virtual: Physical (reports a Dell Virtual Disk via PERC; bare-metal box) +- Location: Camden ("Camden server") +- Domain: khalsa.local (this host IS the domain) +- DNS config: dns1 = 127.0.0.1 (self), dns2 = 10.11.12.254 (self); gateway 10.11.12.1 +- Last boot: 2026-03-11 +- Status: ONLINE (agent heartbeat 2026-06-19) + +## Hardware (physical) +- Make/Model: Dell PowerEdge T110 II +- Serial / Service Tag: 1V20R22 +- CPU: Intel Xeon E31220 @ 3.10 GHz (4 threads) +- RAM: 16 GB (2x 8 GB) +- Storage: 1x Dell Virtual Disk (PERC), 931 GB raw +- Note: ~2012-era hardware, aging + +## Disk Usage (2026-06-19) +- C: (system): 120 GB total, **12 GB free (10% free)** — CRITICALLY LOW +- All fixed disks: 927 GB total, 437 GB free (47% free) +- Total used: ~490 GB; data volume (D:) holds ~380 GB of files + +## Roles and Services +- [x] Domain Controller [confirmed] — sole functioning DC for khalsa.local (KHALSADC2 offline since mid-2025) +- [x] DNS Server [confirmed] — primary DNS for both sites (PCs at River also point here) +- [ ] DHCP Server — unconfirmed (gateway 10.11.12.1 may serve DHCP; verify on-box) +- [x] File Server [indicated] — users map a **K: drive** (tickets #32016) +- [x] Application Server / QuickBooks host [indicated] — QuickBooks company files + (tickets #31904 "Camden server can't get on QBs after power outage", #32047 + "move QBs from Camden to River") +- [ ] Print Server — unconfirmed +- [ ] Database Server — unconfirmed (legacy Schoolmaster + SQL removed per client; verify no SQL remains) +- [ ] Backup Target — unconfirmed +- [ ] RDS / Terminal Server — unconfirmed +- [ ] Hyper-V Host — unconfirmed + +## History / Schoolmaster +- Formerly hosted **Schoolmaster** (school management app). Per Celeste Duitman + (Khalsa Family Services, 2026-06-19) Schoolmaster is no longer used and has been + archived. TROUT has since taken on DC/DNS/file/QuickBooks duties, so it CANNOT be + removed as-is despite Schoolmaster being gone. + +## AV / Security +- AV: Windows Defender only +- Local admin account: kms-admin (last interactive); KHALSA\guru also used + +## Decommission notes +To retire TROUT you must first migrate its live roles: +1. Promote a replacement DC + DNS (SALMON, a new box, or move to M365/Entra) — there + is currently NO healthy second DC. +2. Move file shares (K:) and QuickBooks data to the replacement. +3. Transfer FSMO roles + DNS, demote TROUT, then power off. +This is a planned migration, not an unplug. Age + near-full C: make retirement sensible. + +## Remaining unknowns (need live on-box audit) +- Exact share list + per-folder sizes on D: +- Full installed-software list (confirm no SQL/Schoolmaster remnants) +- Whether DHCP/print roles run here +- Backup status (no backup configuration captured) diff --git a/clients/khalsa/docs/servers/river/SALMON.md b/clients/khalsa/docs/servers/river/SALMON.md new file mode 100644 index 00000000..2353405e --- /dev/null +++ b/clients/khalsa/docs/servers/river/SALMON.md @@ -0,0 +1,46 @@ +# Server: SALMON + +> Source: live data from Syncro asset 6746237 (Khalsa Montessori School), captured +> 2026-06-19. Role is inferred (standalone server, not a DC) and needs on-box +> confirmation via a live audit. + +## General Info +- Hostname: SALMON +- IP Address: 10.11.14.76 (DHCP; /22 mask 255.255.252.0 -> 10.11.12.0/22) +- Public IP (site WAN): 50.145.145.190 (same egress as TROUT in telemetry) +- OS: Microsoft Windows Server 2016 Standard +- OS Version: build 14393.6796 (release 1607) +- Physical / Virtual: Physical +- Location: River (10.11.14.x subnet) +- Domain: NOT domain-joined (domain field blank; last login SALMON\kms-admin = local account) +- DNS config: dns1 = 10.11.12.254 (TROUT), dns2 = 10.11.12.1; gateway 10.11.12.1; DHCP server 10.11.12.1 +- Last boot: 2026-03-25 +- Status: ONLINE (agent heartbeat 2026-06-19) + +## Hardware (physical) +- Make/Model: Dell PowerEdge T130 +- Serial / Service Tag: 8Z8FPD2 +- CPU: Intel Xeon E3-1220 v5 @ 3.00 GHz +- RAM: 8 GB +- Storage: 2x Toshiba DT01ACA050 (465.76 GB each; likely mirrored) + +## Disk Usage (2026-06-19) +- C: (system): 463 GB total, 239 GB free (51% free) +- All fixed disks: 929 GB total, 608 GB free (65% free) +- Total used: ~321 GB + +## Roles and Services +- [ ] Domain Controller — NO (standalone/workgroup) +- [ ] DNS Server — NO (uses TROUT for DNS) +- [x] File Server [indicated] — likely the River-site file/QuickBooks server + (ticket #32047 "move QBs from Camden to River"); ~321 GB of data present +- Other roles unconfirmed — needs live audit + +## AV / Security +- AV: Windows Defender only +- Local admin account: kms-admin + +## Notes +- Most likely candidate to absorb TROUT's file/QuickBooks data in a TROUT + decommission, OR to be promoted to a domain controller. Has ~600 GB free. +- Naming convention: Khalsa servers are fish-named (TROUT, SALMON). diff --git a/errorlog.md b/errorlog.md index 3ae8165c..38c49118 100644 --- a/errorlog.md +++ b/errorlog.md @@ -23,6 +23,8 @@ Categories (the `[type]` tag): _(none)_ = skill/command execution failure · 2026-06-19 | GURU-5070 | rmm/onboard vault | [friction] stashed onboard vars in a scratch .env and sourced it; NAME=Jimmy Company (unquoted space) made 'source' exec the 2nd word as a command and left NAME unset -> vault file written with client: null. Fix: quote values when writing the env (printf '%s=%q'), or read back with grep|cut not source. [ctx: machine=GURU-5070 client=jimmy] +2026-06-19 | Howard-Home | ix/whm-api | [friction] WHM /json-api/cpanel UAPI Fileman get_file_content returned empty 'file' param (error: file does not exist); wasted calls. Fix: for IX cPanel file reads/edits use paramiko SFTP with root creds from vault infrastructure/ix-server, not the WHM UAPI file wrapper + 2026-06-19 | GURU-5070 | coord/self-check publish | [friction] coord-queue.jsonl queued a census with an MSYS-mangled URL path (/api/coord/... -> C:/Program Files/Git/api/coord/...) AND was git-tracked (not gitignored), so a stale RED census propagated to the repo and could clobber a published GREEN if drained. Fix: gitignore .claude/coord-queue.jsonl; the queue writer must prefix the curl path with the full coord_api base or set MSYS2_ARG_CONV_EXCL/MSYS_NO_PATHCONV to stop path conversion. [ctx: machine=GURU-5070 ref=CLAUDE.md-softfail-queue] 2026-06-19 | Howard-Home | unifi-wifi/gw-sitemanager | find subcommand crashed: GET /v1/hosts -> HTTP 500, then JSON decode traceback (no graceful handling of non-JSON error body) [ctx: client=khalsa cmd=find] diff --git a/wiki/clients/khalsa.md b/wiki/clients/khalsa.md index ede45c2a..7fb76a6c 100644 --- a/wiki/clients/khalsa.md +++ b/wiki/clients/khalsa.md @@ -2,8 +2,8 @@ type: client name: khalsa display_name: Khalsa -last_compiled: 2026-05-24 -compiled_by: DESKTOP-0O8A1RL/claude-main +last_compiled: 2026-06-19 +compiled_by: GURU-5070/claude-main sources: - clients/khalsa/docs/overview.md - clients/khalsa/docs/cloud/m365.md @@ -31,17 +31,18 @@ sources: ## Overview -New client in ONBOARDING status as of 2026-04-16. Standard client directory structure applied by Howard. Multi-site environment with two locations: **Camden** and **River**. Onboarding is incomplete — infrastructure details, contacts, and credentials have not yet been captured to the vault. +Khalsa Montessori School (Syncro customer 9456554; also called "Khalsa Family Services" / "Khalsa Schools"). ONBOARDING status; multi-site (**Camden** + **River**). **Server + network inventory captured 2026-06-19** via Syncro asset API + ScreenConnect telemetry (triggered by Celeste Duitman asking whether the "Trout server" can be retired). M365/Azure, contract terms, and per-server share/app detail still pending. -- **Business type:** *(not documented)* +- **Business type:** Montessori school - **Locations:** 2 (Camden, River) -- **Total users:** *(not documented)* -- **Billing model:** *(not documented)* -- **Billing rate:** *(not documented)* +- **Domain:** khalsa.local (network 10.11.12.0/22; gateway 10.11.12.1; WAN egress 50.145.145.190) +- **Servers:** 3 known — TROUT (Camden DC, online), SALMON (River standalone, online), KHALSADC2 (intended 2nd DC, offline since 2025-08) +- **Remote access:** ScreenConnect + Splashtop + Syncro RMM. Site-to-site VPN to ACG (vault `clients/khalsa/ucg`, 172.16.50.x) is BROKEN — manage via ScreenConnect/Syncro +- **Primary contact:** Celeste Duitman (Khalsa Family Services); asset contact lulu.camacho@khalsaschools.org +- **Billing model / hours:** *(not documented)* - **Contract status:** ONBOARDING — terms not yet documented -- **Hours remaining:** *(not documented)* -[WARNING] All template fields in overview.md, m365.md, azure.md, rmm.md, antivirus.md, and backup.md are blank. The only substantive technical content in the entire client directory is `docs/apple-domain-join.md`. Onboarding must be completed before this client can be effectively supported. +[WARNING] M365/azure/rmm/antivirus/backup template files still blank. No server backup configuration captured — VERIFY backups exist. Servers run Windows Defender only. --- @@ -60,16 +61,23 @@ All contact fields in overview.md are blank. No primary contact, IT contact, nam No server or workstation inventory has been captured. The following is known only from `docs/apple-domain-join.md`: -### Known Servers +### Known Servers (live data 2026-06-19) -| Hostname | IP | Role | OS | Notes | -|----------|----|------|----|-------| -| TROUT | 10.11.12.254 | Domain Controller, Primary DNS | *(not documented)* | khalsa.local domain; DNS forwarder at 10.11.12.1 | -| *(unknown)* | 10.11.12.243 | DNS server | *(not documented)* | [WARNING] This is a DNS server but NOT the DC — do not confuse the two | +| Hostname | Site | IP | Role | OS | Hardware | Disk used | Status | +|----------|------|----|------|----|----------|-----------|--------| +| TROUT | Camden | 10.11.12.254 | **DC + DNS + file (K:) + QuickBooks** | WS2016 Std | Dell PowerEdge T110 II (S/N 1V20R22), Xeon E31220, 16 GB | ~490 GB / 927 GB; **C: only 12 GB free (10%)** | ONLINE | +| SALMON | River | 10.11.14.76 | Standalone file/QuickBooks (not a DC; workgroup) | WS2016 Std | Dell PowerEdge T130 (S/N 8Z8FPD2), Xeon E3-1220 v5, 8 GB | ~321 GB / 929 GB | ONLINE | +| KHALSADC2 | ? | *(unknown)* | Intended 2nd DC (eval license, whitebox) | WS2016 **Eval** | i5-4430, 8 GB, 500 GB SSD + USB | n/a | **OFFLINE since 2025-08-19** | + +Detail: `clients/khalsa/docs/servers/{camden/TROUT,river/SALMON,camden/KHALSADC2}.md`. + +[WARNING] TROUT is the **only functioning DC** — KHALSADC2 has not reported since mid-2025, so AD has NO redundancy. A TROUT failure = full login/DNS outage. + +**TROUT retirement (Celeste's question):** TROUT used to host Schoolmaster (now archived/unused), but it has since become the Camden DC/DNS/file/QuickBooks server, so it CANNOT be removed as-is. To retire it: promote a replacement DC+DNS (SALMON or new box, or move to M365/Entra), migrate K:/QuickBooks data, transfer FSMO + DNS, demote, then power off. ### Workstations -*(not documented)* +~20 Syncro device assets (Camden + River): DESKTOP-MAN1CGE, DESKTOP-RKKR9KN, DESKTOP-M45ARIN, LAPTOP-NIBQP9LG/JCSPNNA5/AGN1DMAR/KJJB0R90, KMS-LT11-1/2, KHALSA-R-LT1/2, UE-DONAGHY-L, PRIME-RTG-PC, AD-KHALSA-D-FRO, CAM-LULU-D, DESKTOP-9LT4ICC, AD-JANICE-D, CAM-STAFFROOM-D. (10.11.12.243 noted in apple-domain-join.md as a non-DC DNS host — role unconfirmed in this pass.) ### Active Directory diff --git a/wiki/index.md b/wiki/index.md index fa28d101..a955bf46 100644 --- a/wiki/index.md +++ b/wiki/index.md @@ -45,7 +45,7 @@ Run `/wiki-lint` to check for stale entries and broken backlinks. | [The Law Offices of Chris Scileppi](clients/scileppi-law.md) | Law firm; Syncro ID 9601863; Sylvia Mac mini (M2 8 GB) mail memory exhaustion; Mail disabled; on webmail; replacement Mac mini (M4 16/24 GB) pending order; GuruRMM enrollment blocked | 2026-05-24 | | [Western Tire](clients/western-tire.md) | Tire retail (jackfurriers.com brand); Mike Furrier owner (Syncro ID 391491); email migrated from websvr to IX 2026-04-22; 30 mailboxes; SSL cert expires 2026-05-30 | 2026-05-24 | | [Kittle Design & Construction LLC](clients/kittle.md) | **Canonical Kittle article.** GC Tucson AZ; Syncro 32460233; M365 kittlearizona.com (tenant 3d073ebe); **major June 2026 BEC/ACH-fraud incident** — Ken+marco+Accounting compromised, fraudulent bank-change to City of Tucson + Town of Marana ($130K+ exposure, PREVENTED, no loss), IC3 filed; root cause = April credential theft + incomplete remediation (password never reset → ~2mo persistence); CA hardened + Entra P2 added 6/9; HPE MicroServer WS2025 EVAL, no backups/firewall | 2026-06-09 | -| [Khalsa (two-site)](clients/khalsa.md) | Two-site client (Camden + River); onboarding not completed; domain khalsa.local, DC TROUT at 10.11.12.254; Mac domain-join runbook documented; template docs otherwise empty | 2026-05-24 | +| [Khalsa (two-site)](clients/khalsa.md) | Khalsa Montessori School (Syncro 9456554); two-site (Camden + River); domain khalsa.local on 10.11.12.0/22. **Server inventory captured 2026-06-19** (Syncro+ScreenConnect): TROUT (Camden, 10.11.12.254) = sole live DC+DNS+file(K:)+QuickBooks on aging Dell T110 II, ~490GB used, C: only 10% free; SALMON (River, 10.11.14.76) = standalone file/QB server; KHALSADC2 = intended 2nd DC OFFLINE since 2025-08 (no AD redundancy). **TROUT can't be removed as-is** (Schoolmaster gone but it now runs DC/DNS/QB) — needs role migration first. No server backups captured; VPN to ACG broken (manage via ScreenConnect). M365/contract terms still pending | 2026-06-19 | | [Lone Star Electrical Systems](clients/lonestar-electrical.md) | Electrical contractor Tucson AZ; Syncro 33809612, prepaid block 13.5 hrs; Google Workspace (not M365); ManageEngine MDM (Zoho); Unraid server (7.1.4, USB migrated 2026-06-02); LS-1/LS-2 Sophos removal COMPLETE (2026-06-02); Defender active on both; field/mobile-first | 2026-06-02 | | [Anaise](clients/anaise.md) | Single workstation client; contact David (anaisedavid.office@gmail.com); DESKTOP-O8GF4SD; creds in vault at clients/anaise/desktop-o8gf4sd.sops.yaml; onboarding incomplete; M365 enrollment unconfirmed | 2026-05-24 | | [ACG Website (azcomputerguru.com)](clients/azcomputerguru.com.md) | Public website redesign (Astro); score 33/40; placeholder testimonials + no-backend form are pre-launch blockers; OKLCH token design system; see internal-infrastructure.md for ACG servers | 2026-05-24 |