- Update guru-rmm submodule pointer (SPEC-017 mobile device support)
- Record Apple Developer + MDM Push certs (acquired 2026-05-29); MDM push
cert renews annually on the same Apple ID or all enrolled iOS devices break
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add the Memory Care Reception Epson ET-5800 (EPSON833571, 10.0.20.78,
dc:cd:2f:83:35:71) as a named print share on CS-SERVER. The printer was
previously pending a UniFi switch replacement; it is now online on VLAN 20.
- Created TCP port TCP_10.0.20.78 and shared as MCReception via GuruRMM
remote PS (driver already present from FrontDesk ET-5800 setup)
- Updated printers.md entry #12 with IP, MAC, share path, and Online status
- Added MCReception to active-directory.md printer table with OU=Care-Memorycare
ILT scope; GPO count bumped to 14
- Added MCReception entry to phase2-print-server.ps1 for reference
Access: OU=Care-Memorycare via Printer Deployment GPO (unlinked until Phase 3).
Alma Montt (cloud-only M365) connects manually to \CS-SERVER\MCReception.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Created .claude/TEMP_GRADUATION.md with review protocol before cleanup
- Graduation decision tree and checklist
- Examples from May 2026 cleanup (what should have been kept)
- Added to CLAUDE.md reference section
temp/ is local scratch (probe drafts, JSON dumps, debug scripts). It was being
swept into every /save by sync.sh's git add -A. Now ignored + untracked (files
remain on disk; history unchanged).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
/rmm diagnose: dispatches a Windows security/health probe to a newly onboarded
agent, grades RED/AMBER/GREEN, writes an immutable per-client baseline
(clients/<slug>/onboarding-baselines/), diffs vs prior, and alerts CRITICALs to
#dev-alerts. Probe is PS5.1/ASCII/SYSTEM-safe, never-abort, base64 chunked upload
around the agent command-size cap. Code-reviewed (no blockers); folded in
immutability guard, severity-independent finding ids, Defender-unknown sentinel,
expanded competitor/backup detection.
First baselines captured: Rednour FRONTDESKRECEPT + LEGALASST (both RED - prior
MSP ScreenConnect/Splashtop/Syncro still live; LEGALASST OS EOL).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- Pluto memory/wiki/machine notes: Unraid VM "Claude-Builder" == hostname PLUTO ==
172.16.3.36 (same box); RMM-agent access path when SSH key unauthorized; now also
builds the GuruConnect Windows agent + hosts a Gitea Actions runner.
- New feedback memories: post #bot-alerts only for client/ticket-affecting RMM commands;
proceed autonomously through routine infra/build prerequisites.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Documents the full GuruRMM onboarding process (POST /api/clients, POST /api/sites
with one-time api_key capture), the vault storage step, and the sops-encryption
gotchas hit while onboarding Rednour Law Offices (--config required, quote dates,
secrets under credentials:).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Corrected the 2026-05-28 SmartBadge fix on KSTEENBB2025: the older Datto
Workplace Desktop v8 had been left in place (diverged from the fleet, which
runs Datto Workplace v10.53.4 / Workplace2). Removed v8, installed v10,
aligned the SmartBadge _CC add-in + CLSID to the EVO-X1 reference, and cleared
Kristin's stuck per-user LoadBehavior=2.
- ksteen-smartbadge-verify.ps1: PASS/FAIL verdict vs fleet reference
- ksteen-smartbadge-fix.ps1: machine + per-user remediation
- check-ksteen-smartbadge.sh: daily runner (RMM -> verdict -> #bot-alerts,
coord message to Mike on drift); driven by a 7-day scheduled task on GURU-5070
- wiki: agents table, dual-Workplace SmartBadge known issue + fleet standard,
2026-05-28/29 history
Syncro #32339. Coord todo 4a5b09b3 (watch expires 2026-06-05).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
guru-connect is now tracked as a submodule (azcomputerguru/guru-connect @ e3e95f8);
its working state was published to the GC repo first, so no content is lost. guru-rmm
advanced to include ADR-008 (GC integration boundary) replayed on top of the team's
Integrations Center / discovery advances. Includes the native-remote-control spec
(now inside the GC submodule), the versionable-products memory, and the session log.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
