azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync: auto-sync from HOWARD-HOME at 2026-06-21 21:01:39

Browse Source 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-06-21 21:01:39
This commit is contained in:
Howard Enos
2026-06-21 21:02:05 -07:00
parent 8713b46d3f
commit f6f0421ff3
5 changed files with 31 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.claude/memory/MEMORY.md
View File

@@ -143,7 +143,7 @@
- [ACG MSP tool stack](reference_acg_msp_stack.md) — ScreenConnect/CW Control, Splashtop, Syncro, Datto RMM, Datto EDR/AV, GuruRMM are ACG's OWN tools; do not flag as foreign/threat on managed machines (Defender-off is expected when Datto AV is active).
- [ACG Website Hosting](project_azcomputerguru_hosting.md) — azcomputerguru.com is hosted on IX Web Hosting via cPanel.
- [jq on Windows emits CRLF](feedback_jq_crlf_windows.md) — winget jq outputs CRLF; trailing \r silently breaks `for x in $(jq ...)` loops + read-from-@tsv. Override `jq(){ command jq "$@"|tr -d '\r'; }`. Windows-build-specific (passes on Mac/Linux).
- [ScreenConnect RESTful API auth](reference_screenconnect_api.md) — CTRLAuthHeader = raw api_secret (no Basic/b64) + Origin header; only method is GetSessionsByName; matches blank-for-agents Name field so it cannot enumerate full inventory.
- [ScreenConnect RESTful API auth](reference_screenconnect_api.md) — CTRLAuthHeader = raw api_secret (no Basic/b64) + Origin header; now wrapped by the /screenconnect skill. Verified surface: GetSessionsByName/GetSessionDetails + writes SendCommand/SendMessage/UpdateCustomProperties + parameterized self-tagging installer. Still NO full-fleet inventory method (GetSessions missing).
- [No manufactured guardrails on our products](feedback_no_manufactured_guardrails.md) — At Mikes request on GuruRMM/GuruConnect/ClaudeTools, just execute; stop only for genuinely irreversible/destructive ops (with a heads-up). Read the actual code/state before claiming something is disallowed or a security hole.
- [Stream-of-thought design convos](feedback_stream_of_thought_design.md) — Mike brainstorms features free-form, adding requirements iteratively; Claude validates/sharpens as a design partner but does NOT build until an explicit go, then captures parked threads durably (PARKED_*.md + todos) for a later /shape-spec.
- [RMM Thoughts backlog](feedback_rmm_thoughts_backlog.md) — GuruRMM ideas from Mike & Howard go in projects/msp-tools/guru-rmm/docs/RMM_THOUGHTS.md (Status: Raw); pipeline thought -> discuss -> spec (/shape-spec) -> roadmap. Don't build until an explicit go.

2
.claude/memory/reference_resource_map.md
View File

@@ -129,7 +129,7 @@ type: reference
- Detail: [[reference_gururmm]], [[project_gururmm]], [[feedback_gururmm]].
### ScreenConnect / CW Control
- Primary remote-access tool. `msp-tools/screenconnect.sops.yaml`.
- Primary remote-access tool. `msp-tools/screenconnect.sops.yaml`. Skill: `/screenconnect` (sessions, parameterized self-tagging installer, gated backstage control). See [[reference_screenconnect_api]].
- **Gotcha:** Toolbox scripts truncate lines >80 chars silently; no inline comments mid-script. See [[reference_msp_audit_scripts]].
### Splashtop (SOS / Streamer)

19
.claude/memory/reference_screenconnect_api.md
View File

@@ -1,15 +1,22 @@
---
name: reference_screenconnect_api
description: Working auth + method for the ACG ScreenConnect RESTful API extension (CTRLAuthHeader = raw secret, GetSessionsByName)
description: ACG ScreenConnect RESTful API auth + verified method surface (CTRLAuthHeader=raw secret); now wrapped by the /screenconnect skill
metadata:
type: reference
---
ACG ScreenConnect RESTful API extension verified working call (2026-06-02, Howard). Credentials in vault `msp-tools/screenconnect.sops.yaml` (`credentials.username`, `credentials.api_secret`).
ACG ScreenConnect (CW Control) RESTful API Manager extension. Auth verified 2026-06-02;
full method surface + parameterized-installer deploy verified live 2026-06-21 (Howard).
**Now wrapped by the `/screenconnect` skill** (`.claude/skills/screenconnect/`) — use that
(`sc.py`/`sc_client.py`) rather than hand-rolling calls. Secret in vault
`msp-tools/screenconnect.sops.yaml` (`credentials.api_secret`).
- **Host:** `https://computerguru.screenconnect.com` **extension-guid:** `2d558935-686a-4bd0-9991-07539f5fe749`
- **Auth (the non-obvious part):** header `CTRLAuthHeader: <raw api_secret>` with **NO `Basic ` prefix and no base64** + header `Origin: https://computerguru.screenconnect.com`. Putting the secret in `Authorization: Basic <b64>`, or `CTRLAuthHeader: Basic <b64>`, both return 401. Raw secret in CTRLAuthHeader is what works.
- **Only method that exists:** `POST /App_Extensions/<guid>/Service.ashx/GetSessionsByName` with JSON body `{"sessionName":"<name>"}`. Every other `Get*` name (GetSessions, GetSessionList, GetHosts, ...) returns 500 `"Web method does not exist"`. Bad/missing params return 500 `"Unknown parameter: <x>"` — the valid param is `sessionName`.
- **Big limitation:** the match is on the session `Name` field, which is **blank for unattended access agents**, so this api user only enumerates a handful of named sessions — it CANNOT list a client's full machine inventory. For per-machine last-seen across a whole client, the API is not sufficient; read the ScreenConnect console (or a screen recording) instead. Session objects do carry `LastConnectedEventTime`, `LastEventTime`, `GuestInfo.LastActivityTime`, and custom props CP1=Company / CP2=Site / CP3=Tag.
- **Auth (the non-obvious part):** header `CTRLAuthHeader: <raw api_secret>` with **NO `Basic ` prefix and no base64** + header `Origin: https://computerguru.screenconnect.com`. `Authorization: Basic <b64>` or `CTRLAuthHeader: Basic <b64>` both 401. Raw secret in CTRLAuthHeader is what works. Endpoint: `POST /App_Extensions/<guid>/Service.ashx/<Method>`.
- **Verified methods (CORRECTS the old "only GetSessionsByName" note):** reads take a JSON object, writes take a POSITIONAL ARRAY.
- Reads: `GetSessionsByName {"sessionName":"<name>"}`, `GetSessionDetailsBySessionID {"sessionID":"<id>"}`, `GetSessionBySessionID`.
- Writes (gated in the skill): `SendCommandToSession ["<id>","<cmd>"]` (backstage command on the guest), `SendMessageToSession ["<id>","<msg>"]`, `UpdateSessionCustomProperties ["<id>",["cp1","cp2","cp3",...]]`. CP1=Company / CP2=Site / CP3=Tag (up to CP8).
- **Parameterized access installer (deploy):** the cloud serves a pre-keyed installer at `/Bin/ScreenConnect.ClientSetup.<ext>?e=Access&y=Guest&t=<name>&c=<CP1>&c=<CP2>&c=<CP3>...` (ext: msi/exe/pkg/deb/rpm/sh). The repeated `c=` self-tag the agent on install, so an RMM-pushed install self-places into the right Company/Site/Tag. Windows silent: `msiexec /i <file> /qn /norestart`. VERIFIED end-to-end on RMM-TEST-MACHINE 2026-06-21.
- **Real limitation (still true):** NO full-fleet inventory method — `GetSessions`/`GetAllSessions`/`GetSessionGroups` return 500 `"Web method does not exist"`. You CANNOT list a client's whole machine inventory via this API yet; needs Mike to update the RESTful API Manager extension (coord msg 60d9e876). Workaround: the installer sets session Name = machine name, so by-name lookup works post-install.
Used during the Dataforth Syncro asset cleanup as the third liveness source alongside Syncro + Bitdefender. See [[reference_acg_msp_stack]].
Used during the Dataforth Syncro asset cleanup as a liveness source. See [[reference_acg_msp_stack]] and the `/screenconnect` skill SKILL.md.