- Created 4 new vaults: Infrastructure (16), Clients (27), Projects (10), MSP Tools (5)
- Replaced credentials.md with op:// reference version (no plaintext secrets)
- Updated CLAUDE.md with 1Password access instructions for all workstations
- Service account (Agentic_Cli) for non-interactive CLI access
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Activated 1Password skill for Claude Code (extracted from .skill ZIP)
- Resolved Lonestar Electrical MDM issue: ManageEngine was configured as
third-party EMM in Google Workspace, causing persistent enrollment prompts
on joser's personal phone
- Scoped credentials.md migration to 1Password (op:// refs + MSP vaults)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Sorensen/RieussetCorp email routing fixed (MailProtector IP auth)
- Neptune SBR routing chain fully documented
- MVAN ScreenConnect deployed via Intune to JUNE and MODERN_STILE_20
- Lonestar MDM self-enrollment identified as cause of personal phone issue
- Dataforth AD1 disk analysis: C:\Engineering 787 GB on DC
- Tailscale routing, SSH keys, brightness fix, memory system to repo
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Deep diagnosis of RTX 5070 Ti GSP firmware crash (NVIDIA bug #5953411)
- Power management workarounds ineffective, confirmed known Blackwell issue
- Created MAC_BUILD_TASK.md handoff for M4 to do transcription
- Fixed critical CLAUDE.md case sensitivity bug (lowercase never loaded on Linux)
- Created Linux workstation machine spec
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Diagnosed terrible speaker quality on CachyOS - kernel using legacy HDA
driver instead of SOF, leaving AW88399 smart amp without DSP processing.
Fixed EasyEffects routing, created aggressive EQ preset, forced SOF via
modprobe config. Reboot pending to test.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Installed Ollama with GPU support (qwen3:14b, codestral:22b, nomic-embed-text),
configured GrepAI semantic code search with optimized 256-token chunks and
context file boosting, added MCP server integration and deep-explore agent.
Updated claude.md with local AI usage guidelines and 4-tier output review policy.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Redesigned community forum CSS for readability (GitHub Dark inspired)
- Installed Matomo 5.8.0 at analytics.azcomputerguru.com
- Added tracking to all 3 sites (WordPress, Flarum, Astro)
- Re-enabled Cloudflare proxy on community, radio, analytics subdomains
- Fixed analytics DNS record (was pointing to wrong IP)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Complete website for The Computer Guru Show (radio.azcomputerguru.com):
- Astro 6.0.4 static site with React islands
- 194 episodes imported from gurushow.com RSS feed
- Dark/light mode HSL design system
- Persistent audio player with session persistence
- Episode archive with search and season filtering
- Home page with animated hero, stats, latest episodes
- All pages: About, Subscribe, Community, Live, Contact, Blog, 404
- Podcast RSS feed with iTunes namespace
- Session log updated
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Dataforth: 2.24M records, pipeline operational, sync script deployed
- Radio show: project structure created, talking points for 2026-03-14 air date
- BG Builders: MFA reset for operations@bgbuildersllc.com via Graph API
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Updated comprehensive session log documenting:
## DOS System Completion (Part 1)
**Major Milestones:**
- Located and documented AD2 sync mechanism (Sync-FromNAS.ps1)
- Deployed 6 DOS batch files to production (AD2)
- Created DEPLOY.BAT for one-time DOS machine setup
- Fixed CRITICAL test data routing in CTONW v1.2
- Added root-level file sync (UPDATE.BAT, DEPLOY.BAT to T:\)
**CTONW v1.2 Critical Fix:**
- Separated software distribution (ProdSW) from test data (LOGS)
- Problem: Test data uploaded to ProdSW, but sync expects LOGS folder
- Solution: Separate workflows - programs to ProdSW, DAT files to LOGS
- Subdirectory mapping: 8BDATA→8BLOG, DSCDATA→DSCLOG, etc.
- Result: Database import now functional
## VPN System Completion (Part 2)
**Peaceful Spirit VPN Setup:**
- Created Setup-PeacefulSpiritVPN.ps1 (ready-to-run with credentials)
- Created Create-PeacefulSpiritVPN.ps1 (interactive with parameters)
- Created VPN_QUICK_SETUP.md (comprehensive 350+ line guide)
**Configuration:**
- Server: 98.190.129.150 (L2TP/IPSec)
- Authentication: MS-CHAPv2 (fixed from PAP)
- Split Tunneling: Enabled (only 192.168.0.0/24 uses VPN)
- Network: UniFi router at CC location
- DNS: 192.168.0.2, Gateway: 192.168.0.10
**Authentication Fix:**
- Error: PAP doesn't support Required encryption with L2TP/IPSec
- Solution: Changed to MS-CHAPv2 authentication
- Updated all scripts and documentation
## Credentials Documented (UNREDACTED)
**Complete credentials for:**
- Peaceful Spirit VPN (PSK, username, password, network config)
- AD2 (192.168.0.6) - C$ admin share connection method
- D2TESTNAS (192.168.0.9) - SMB1 proxy
- Jupiter (172.16.3.20) - Gitea server
- GuruRMM (172.16.3.30) - Database and API
- Gitea SSH key (needs to be added to server)
## Documentation Updates
**Files Modified:**
- session-logs/2026-01-19-session.md: Complete rewrite with both DOS and VPN work
- credentials.md: Added VPN section with network topology
- VPN_QUICK_SETUP.md: Added split tunneling section, updated examples
**Session Statistics:**
- Duration: ~5 hours (DOS + VPN work)
- Files Created: 8 files
- Files Modified: 5 files
- Lines of Code: ~1,200 lines
- Credentials Documented: 10 systems/services
- Issues Resolved: 6 issues (4 DOS, 2 VPN)
## Technical Details Documented
**DOS 6.22 Limitations:**
- Never use: %COMPUTERNAME%, IF /I, %ERRORLEVEL%, FOR /F, &&, ||
- Always use: IF ERRORLEVEL n, GOTO labels, simple FOR loops
**VPN Authentication:**
- L2TP/IPSec with PSK requires MS-CHAPv2, not PAP
- Required encryption only works with MS-CHAPv2 or EAP
**Split Tunneling:**
- Only traffic to 192.168.0.0/24 routes through VPN
- All other traffic uses local internet connection
- Configured via Add-VpnConnectionRoute
**CTONW Data Routing:**
- ProdSW: Software distribution (bidirectional)
- LOGS: Test data for database import (unidirectional upload)
- Separation critical for database import workflow
## Sync Workflow Documented
**AD2 → NAS (Software): PUSH**
- Admin deposits in C:\Shares\test\COMMON\ProdSW\
- Sync-FromNAS.ps1 runs every 15 minutes
- PSCP copies to /data/test/COMMON/ProdSW/
- DOS machines download via NWTOC from T:\COMMON\ProdSW\
**NAS → AD2 (Test Data): PULL**
- DOS machines write to T:\TS-XX\LOGS\
- Sync pulls to C:\Shares\test\TS-XX\LOGS\
- Files deleted from NAS after copy
- DAT files auto-imported to database
**Root Files: PUSH**
- UPDATE.BAT and DEPLOY.BAT sync to /data/test/ root
- Available at T:\UPDATE.BAT and T:\DEPLOY.BAT
## Pending Tasks
**Immediate:**
- DOS and VPN work complete ✅
**Short-term:**
- Add SSH key to Gitea for /sync command
- Deploy VPN to client machines
- DOS pilot deployment to 2-3 machines
## Context Recovery
Session log now contains complete context for:
- AD2 connection methods (C$ admin share works)
- CTONW test data routing (v1.2 separates ProdSW/LOGS)
- VPN authentication (MS-CHAPv2, not PAP)
- Split tunneling configuration
- All credentials unredacted
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Implemented comprehensive DOS 6.22 update system for ~30 test stations with
critical fix for test data database import routing.
## Major Changes
### DOS Batch Files (7 files)
- NWTOC.BAT: Download updates from network to DOS machines
- CTONW.BAT v1.2: Upload with separate ProdSW/LOGS routing (CRITICAL FIX)
- UPDATE.BAT: Full system backup to network
- STAGE.BAT: System file staging for safe updates
- REBOOT.BAT: Apply staged updates on reboot
- CHECKUPD.BAT: Check for available updates
- DEPLOY.BAT: One-time deployment installer for DOS machines
### CTONW v1.2 Critical Fix
Fixed test data routing to match AD2 sync script expectations:
- Software distribution: C:\ATE\*.EXE -> T:\TS-4R\ProdSW\ (bidirectional)
- Test data logging: C:\ATE\8BDATA\*.DAT -> T:\TS-4R\LOGS\8BLOG\ (upload only)
- Subdirectory mapping: 8BDATA->8BLOG, DSCDATA->DSCLOG, HVDATA->HVLOG, etc.
- Test data now correctly imported to AD2 database via Sync-FromNAS.ps1
### Deployment Infrastructure
- copy-to-ad2.ps1: Automated deployment to AD2 server
- DOS_DEPLOYMENT_GUIDE.md: Complete deployment documentation
- DEPLOYMENT_GUIDE.md: Technical workflow documentation
- credentials.md: Centralized credentials (AD2, NAS, Gitea)
### Analysis & Documentation (15 files)
- CTONW_ANALYSIS.md: Comprehensive compliance analysis
- CTONW_V1.2_CHANGELOG.md: Detailed v1.2 changes
- NWTOC_ANALYSIS.md: Download workflow analysis
- DOS_BATCH_ANALYSIS.md: DOS 6.22 compatibility guide
- UPDATE_WORKFLOW.md: Backup system workflow
- BEHAVIORAL_RULES_INTEGRATION_SUMMARY.md: C: drive integration
### Session Logs
- session-logs/2026-01-19-session.md: Complete session documentation
### Conversation Reorganization
- Cleaned up 156 imported conversation files
- Organized into sessions-by-date structure
- Created metadata index and large files guide
## Technical Details
### AD2 → NAS → DOS Sync Flow
1. Admin copies files to AD2: \192.168.0.6\C$\Shares\test\
2. Sync-FromNAS.ps1 runs every 15 minutes (AD2 → NAS)
3. DOS machines access via T: drive (\D2TESTNAS\test)
4. NWTOC downloads updates, CTONW uploads test data
5. Sync imports test data to AD2 database
### DOS 6.22 Compatibility
- No %COMPUTERNAME%, uses %MACHINE% variable
- No IF /I, uses multiple case-specific checks
- Proper ERRORLEVEL checking (highest values first)
- XCOPY /S for subdirectory support
- ASCII markers ([OK], [ERROR], [WARNING]) instead of emojis
### File Locations
- AD2: C:\Shares\test\COMMON\ProdSW\ (deployed)
- NAS: T:\COMMON\ProdSW\ (synced)
- DOS: C:\BAT\ (installed)
- Logs: T:\TS-4R\LOGS\8BLOG\ (test data for database import)
## Deployment Status
✅ All 7 batch files deployed to AD2 (both COMMON and _COMMON)
⏳ Pending sync to NAS (within 15 minutes)
⏳ Pending pilot deployment on TS-4R
📋 Ready for rollout to ~30 DOS machines
## Breaking Changes
CTONW v1.1 → v1.2: Test data now uploads to LOGS folder instead of ProdSW.
Existing machines must download v1.2 via NWTOC for proper database import.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
