diff --git a/errorlog.md b/errorlog.md index 64671737..d5c88a33 100644 --- a/errorlog.md +++ b/errorlog.md @@ -19,6 +19,10 @@ Categories (the `[type]` tag): _(none)_ = skill/command execution failure · +2026-07-04 | Howard-Home | screenconnect/sc-cleanup | [friction] burned many tokens iterating the SERVER/Accounting remap because each WAN-map rebuild re-queried SERVER-named machines (returning all fleet SERVER sessions), re-contaminating; fix = build WAN map ONLY from unique-named (len==1) machines, never from shared names + +2026-07-04 | Howard-Home | screenconnect/sc-cleanup | [correction] assumed GetSessionsByName is client-scoped; it matches by NAME across ALL clients, so writing to shared/generic names (SERVER x11, Accounting x3) cross-contaminated other clients' sessions with the last-processed client's Company. Fixed tool to skip when >1 session returned; remapped contaminated sessions to correct client via WAN IP; 5 unidentifiable sessions left blank for manual console tagging (originals were overwritten, unrecoverable). + 2026-07-04 | Howard-Home | unifi-wifi/gw-sitemanager | Site Manager API call failed (HTTP 404) [ctx: path=/v1/connector/consoles/D021F96C10F9000000000646421B000000000690DCFE0000000061F0BB7D:1721816512/proxy/network/stat/sta] 2026-07-04 | Howard-Home | unifi-wifi/gw-sitemanager | Site Manager API call failed (HTTP 404) [ctx: path=/v1/connector/consoles/D021F96C10F9000000000646421B000000000690DCFE0000000061F0BB7D:1721816512/proxy/network/stat/device] diff --git a/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md b/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md index ad995512..b3a41d9c 100644 --- a/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md +++ b/projects/gps-rmm-audit/session-logs/2026-07/2026-07-03-howard-gps-rmm-coverage-audit.md @@ -155,3 +155,13 @@ Workflow captured (memory feedback_screenconnect_cleanup_wiki_source): SC/RMM cl Built projects/gps-rmm-audit/tools/sc-cleanup.py (DIRECT ScreenConnect API via urllib - CTRLAuthHeader + Origin to the RESTApi extension Service.ashx; ~10x faster than subprocess-per-call which timed out at 9min on ~500 sessions). Ran the safe no-guess pass across all ~45 worked RMM clients (skip: AZ Computer Guru, Unassigned, Dataforth, Cascades). Company (CP1) -> RMM client name (trimmed), keeping deliberate 'CODE - Name' conventions (GND -, LAB -); Device Type (CP4) from hostname/os; Department (CP3) only on high-confidence hostname tokens; Site (CP2) untouched. Result: 112 Company sessions normalized (fixed person-surname values Osgood->Design and Brand Envoys, Parkinson->Leeann Maddux; trimmed 'Patriot Internal Medicine '), Device Type set fleet-wide, 1 Department (Valley Wide). 4 Company changes to eyeball: Shinn,Sharon 'Starr Pass Realty'->'Shinn, Sharon' (maybe rename the RMM client to Starr Pass Realty instead), Sombra->Sombra Residential LLC, VWP dropped '(VWP)', Wolkin->Wolkin, Robert. 11 duplicate SC sessions flagged for manual console removal (mostly SERVER-named reinstalls). Departments + Site stay for per-client wiki passes (feedback_screenconnect_cleanup_wiki_source). + +## Update: 21:40 PT — SC cleanup BUG + remediation (shared-name cross-contamination) + +BUG in the fleet SC cleanup (sc-cleanup.py): GetSessionsByName matches by NAME across ALL clients (not client-scoped). Writing Company to shared/generic names cross-contaminated other clients' sessions with the last-processed client's value. Affected: SERVER (11 sessions across ~8 clients, all stamped 'Zeus Nestora'), Accounting (3, stamped Kittle), + within-client dups touched. Detected via non-idempotency (company changes never converged to 0). + +Remediation: +- Fixed tool: added `if len(ss)>1: continue` (never auto-write to a name returning >1 session). WAN map must be built ONLY from unique-named (len==1) machines. +- Remapped contaminated sessions to correct client via GuestNetworkAddress (WAN IP) -> client, matched against a WAN map from unique machines + verified hardcoded values: SERVER 8 correct (T&C Sorensen 71.228.149.143, Cutting Edge 174.79.36.35, Four Paws 184.183.92.86, Kittle 174.67.176.116, Brett 162.191.251.126, Gonzvar 70.166.119.148, Zeus 68.177.35.66 via CindyW, ACE Portables via aceadmin user); Accounting 1 -> Kittle (174.67.176.116). Restored single-RMM-owner dups: 0226-Lenovo/MSI->Safesite, DESKTOP-NFK4F5P->GND-Grabb, eng-dev-server->DF-Dataforth, RECEPTIONIST-PC->Cascades of Tucson. +- 5 sessions UNRECOVERABLE (originals overwritten, unidentifiable via RMM/UniFi/Syncro/WAN/reverse-DNS): 3 SERVER (67.1.219.218, 72.219.229.144 cox, 184.183.92.124 cox) + 2 Accounting (none, 184.191.16.88) -> left BLANK, need manual SC-console tagging. +Logged to errorlog (correction + friction). Rest of fleet (unique-named machines) unaffected. diff --git a/projects/gps-rmm-audit/tools/sc-cleanup.py b/projects/gps-rmm-audit/tools/sc-cleanup.py index 7f9e713f..fe2c2ed8 100644 --- a/projects/gps-rmm-audit/tools/sc-cleanup.py +++ b/projects/gps-rmm-audit/tools/sc-cleanup.py @@ -32,8 +32,11 @@ def dtype(h,os_): return "Desktop" DEPT=[("ACCT","Accounting"),("NURSE","Nursing"),("MFGR","Manufacturing"),("MFG","Manufacturing"), ("RCVG","Receiving"),("QCINSP","Quality"),("PROQC","Quality"),("QC","Quality"),("MAINT","Maintenance"), - ("RECEPT","Reception"),("SHIP","Shipping"),("CHEF","Dietary"),("MEMRECEPT","Memory Care"), - ("MDIRECTOR","Memory Care"),("SALES","Sales/Marketing"),("CONF","Conference"),("ENGI","Engineering")] + ("MEMRECEPT","Memory Care"),("MDIRECTOR","Memory Care"),("RECEPT","Reception"),("FRONTDESK","Front Desk"), + ("FRONT","Front Desk"),("SHIPPING","Shipping"),("SHIP","Shipping"),("CHEF","Dietary"),("KITCHEN","Dietary"), + ("SALES","Sales/Marketing"),("MARKETING","Marketing"),("ESTIMAT","Estimating"),("WAREHOUSE","Warehouse"), + ("WHSE","Warehouse"),("DISPATCH","Dispatch"),("PAYROLL","Payroll"),("BILLING","Billing"), + ("ADMIN","Administration"),("CONF","Conference"),("ENGI","Engineering"),("LOBBY","Lobby")] def dept(h): u=h.upper() for pat,d in DEPT: @@ -59,6 +62,7 @@ for c in sorted(targets): if maj and maj!=canon and not maj.strip()==canon: flags.append(f"{c}: '{maj}' -> '{canon}'") cc=dtc=dpc=0 for h,(a,ss) in sess.items(): + if len(ss)>1: continue # ambiguous: name shared across clients OR a within-client dup -> never auto-write (would cross-contaminate). Handle by-hand. dt=dtype(h,a.get("os_type","")); dp=dept(h) for s in ss: cur=list(s.get("CustomPropertyValues") or [])