# ClaudeTools on AD2 (Dataforth Domain Controller) ## Identity This is the AD2 workstation instance of ClaudeTools. This machine is a Windows Server on the Dataforth LAN (192.168.0.6). Your scope is Dataforth-only -- you do not need context about other clients. ## NO EMOJIS Use ASCII markers: [OK], [ERROR], [WARNING], [SUCCESS], [INFO] --- ## Git & Sync ### Gitea Credentials (no 1Password on this machine) - URL: https://git.azcomputerguru.com - Username: mike@azcomputerguru.com - Password: Gptf*77ttb123!@#-git - URL-encoded password: Gptf%2A77ttb123%21%40%23-git - API Token: 9b1da4b79a38ef782268341d25a4b6880572063f - Remote: https://mike%40azcomputerguru.com:Gptf%2A77ttb123%21%40%23-git@git.azcomputerguru.com/azcomputerguru/claudetools.git ### Branch: ad2 This machine operates on the `ad2` branch. The main workstation merges into main. ### /save behavior Save session logs to `session-logs/YYYY-MM-DD-session-ad2.md` (note the -ad2 suffix). After saving, commit and push to origin/ad2. ### /sync behavior ``` git fetch origin git rebase origin/main git push origin ad2 ``` --- ## Dataforth Network | Host | IP | Role | Notes | |------|-----|------|-------| | AD1 | 192.168.0.27 | Primary DC | Disk at 90%, C:\Engineering = 787 GB | | **AD2** | **192.168.0.6** | **This machine** | Secondary DC, TestDataDB, file shares | | D2TESTNAS | 192.168.0.9 | SMB1 proxy for DOS | Debian 13, Samba, SSH root/Paper123!@#-nas | | UDM | 192.168.0.254 | Gateway/Router | UniFi Dream Machine | | ESXi-122 | 192.168.0.122 | Hypervisor | ESXi | | ESXi-124 | 192.168.0.124 | Hypervisor | ESXi | | DOS stations | TS-01 to TS-30+ | Test stations | DOS 6.22, QuickBASIC ATE software | ### Credentials - AD Sysadmin: INTRANET\sysadmin / Paper123!@# - D2TESTNAS SSH: root@192.168.0.9 / Paper123!@#-nas - D2TESTNAS Samba: guest access (no password) - WINS/NPS: 192.168.0.27:1812/1813 - M365 Tenant: 7dfa3ce8-c496-4b51-ab8d-bd3dcd78b584 - Rsync daemon (NAS): port 873, module "test", user rsync / IQ203s32119 --- ## Local Resources | Resource | Path | |----------|------| | TestDataDB app | C:\Shares\testdatadb\ | | Test database | C:\Shares\testdatadb\database\testdata.db (SQLite, 2.2M+ records) | | TestDataDB API | http://localhost:3000 | | Parsers | C:\Shares\testdatadb\parsers\ (multiline.js, csvline.js, shtfile.js, spec-reader.js) | | Templates | C:\Shares\testdatadb\templates\datasheet-exact.js | | Import script | C:\Shares\testdatadb\database\import.js | | Export script | C:\Shares\testdatadb\database\export-datasheets.js | | Stage import | C:\Shares\testdatadb\import-all-stage.js | | NAS share | \\D2TESTNAS\test (mapped as T:) | | Datasheets share | X:\For_Web | | ProdSW (BAT files) | C:\Shares\test\COMMON\ProdSW\ | | Sync script | C:\Shares\test\scripts\Sync-FromNAS.ps1 (bidirectional, 15-min schedule) | --- ## DOS Update System - Batch Files ### Boot Sequence on DOS Machines ``` AUTOEXEC.BAT (v4.1) -> STARTNET.BAT (v2.0) -- init network, map T: and X: drives -> ATESYNC.BAT -> CTONW.BAT (v5.0) -- upload test data to network -> CTONWTXT.BAT (v2.3) -- upload C:\STAGE\*.TXT to T:\STAGE\%MACHINE% -> NWTOC.BAT (v5.0) -- download updates from network ``` ### Current Production Versions (on AD2 & NAS) | File | Version | Last Update | Purpose | |------|---------|-------------|---------| | AUTOEXEC.BAT | v4.1 | 2026-03-12 | Startup config | | STARTNET.BAT | v2.0 | 2026-01-20 | Network init | | NWTOC.BAT | v5.0 | 2026-03-16 | Download updates from network | | CTONW.BAT | v5.0 | 2026-03-28 | Upload test data (5 steps with echo) | | CTONWTXT.BAT | v2.3 | 2026-03-28 | Upload Stage TXT files (no MD, dirs pre-created) | | CHECKUPD.BAT | v1.3 | 2026-01-20 | Check for updates | | UPDATE.BAT | v2.3 | 2026-01-20 | Full system backup | | STAGE.BAT | v1.0 | Original | Stage system file updates | | DEPLOY.BAT | v1.0 | 2026-01-20 | One-time deployment installer | ### DOS 6.22 Compatibility Rules - NO `IF NOT` -- unreliable on DOS 6.22. Use positive `IF EXIST` with GOTO - NO `IF /I` (case-insensitive compare) - NO `FOR /F` loops - NO `%COMPUTERNAME%` -- use `%MACHINE%` (set during DEPLOY) - `XCOPY /D` requires date parameter (`/D:mm-dd-yy`) - `MD` fails with error on existing directories -- pre-create dirs server-side - `COPY` without `/Y` hangs on overwrite prompts - All paths UPPERCASE for Samba compatibility - Line endings MUST be CRLF (0D 0A) --- ## Serial Number Encoding (DOS 8.3 filenames) QuickBASIC ATE encodes long serial numbers for 8.3 filenames: ``` First 2 digits replaced with hex letter if serial too long: 178236-12 -> H8236-12.TXT (17 -> H, charCode 72 - 55 = 17) 10819-1 -> A819-1.TXT (10 -> A, charCode 65 - 55 = 10) Decode: letter.charCodeAt(0) - 55 = numeric prefix Only applies when filename starts with [A-Z] followed by digits. H-prefix files have decoded SN inside the file (SN: 178236-12) A-prefix files have encoded SN inside the file (SN: A819-1) -- must decode to 10819-1 ``` --- ## Test Datasheet Pipeline ### 5-Stage Architecture 1. **DOS Test Programs** -> Write DAT files to C:\ATE\*LOG\ and TXT to C:\STAGE\ 2. **Boot Upload** -> CTONW.BAT copies DAT to T:\%MACHINE%\LOGS\, CTONWTXT copies TXT to T:\STAGE\%MACHINE% 3. **NAS <-> AD2 Sync** -> Rsync every 15 min (Sync-FromNAS.ps1 scheduled task) 4. **TestDataDB Import** -> import.js parses DAT into SQLite; export-datasheets.js generates TXT to X:\For_Web 5. **Web Share** -> X:\For_Web\ holds validated datasheets (501K+ files) ### import-all-stage.js (ready to run) Located at `C:\Shares\testdatadb\import-all-stage.js`. Processes ~8,100 TXT files: - Scans \\D2TESTNAS\test\STAGE\TS-*\*.TXT - Decodes hex-prefix serial numbers - Cross-references testdata.db by (serial_number, model_number) - Inserts missing records as log_type='SHT' - Copies to X:\For_Web\{decoded_serial}.TXT ``` cd C:\Shares\testdatadb node import-all-stage.js ``` ### Machine data volumes in STAGE | Machine | Files | |---------|-------| | TS-4L | 3,082 | | TS-4R | 2,741 | | TS-1R | 509 | | TS-8R | 478 | | TS-3R | 435 | | TS-11R | 325 | | TS-8L | 285 | | TS-11L | 248 | | TS-27 | 10 (already imported) | | TS-1L | 1 | ### Web Share Layout (X:\) - X:\For_Web -- Validated datasheets (production) - X:\For_Web_PDF -- PDF versions (4.7K files) - X:\Test_Datasheets -- Incoming/staging - X:\Bad_Datasheets -- Invalid files (18K) - X:\Datasheets_Log -- Processing logs --- ## Known Issues & Pending Work ### HIGH PRIORITY 1. **Run import-all-stage.js** -- 8,100 TXT files need cross-referencing and ingestion 2. **Website Upload Replacement** -- Old ASP.NET endpoints (Uploader.aspx) return 404. Need new approach. 3. **7B Series Datasheets** -- ~830K records can't generate datasheets (missing 7BMAIN.DAT spec file). Check ENGR share. 4. **Service Permissions** -- testdatadb runs as SYSTEM, causing file permission issues. Change to INTRANET\sysadmin. ### MEDIUM PRIORITY 5. **C2 IP Blocking** -- iptables rules added to UDM for 80.76.49.18 and 45.88.91.99. Need permanent rules in UniFi UI. 6. **MFA Enforcement** -- 19/38 users ready. Report-only until April 4, 2026. Monitor registration. 7. **Joel Lohr Account** -- Retiring March 31. Disable account post-retirement. Auto-reply set to Dan Center. --- ## Security Incident (2026-03-27) **DF-JOEL2 (192.168.0.143) compromised via phishing:** - Joel Lohr clicked phishing link in personal Yahoo email - ScreenConnect C2 installed, "Angel Raya" connected remotely - Two C2 backdoors deployed via PowerShell - C2 IPs: 80.76.49.18, 45.88.91.99 (AS399486, suspended by host) - IC3 Complaint: 1c32ade367084be9acd548f23705736f - ConnectWise Case: 03464184 - **Remediation complete:** IPs blocked, 3 rogue clients removed, password reset, sessions revoked - **No lateral movement detected** (32 machines scanned clean) --- ## Key Contacts | Person | Email | Role | |--------|-------|------| | John Lehman | jlehman@dataforth.com | Engineering, QB code, test specs | | Dan Center | dcenter@dataforth.com | Operations (replacing Joel) | | Peter Iliya | pIliya@dataforth.com | Applications Engineer | | AJ | dataforthgit@... | Engineering contact | | Ken Hoffman | (unresponsive) | TestDataSheetUploader author | | Georg Haubner | ghaubner@dataforth.com | Has pre-crypto backup on D: drive | --- ## Quick Reference Commands ```powershell # Check BAT files on NAS ssh root@192.168.0.9 'ls -la /data/test/COMMON/ProdSW/' # Trigger NAS sync Start-ScheduledTask -TaskName 'Sync-FromNAS' # Check sync log Get-Content 'C:\Shares\test\scripts\sync-from-nas.log' -Tail 20 # Check TestDataDB health curl http://localhost:3000/health # Query test records node -e "const db=require('better-sqlite3')('C:\\Shares\\testdatadb\\database\\testdata.db',{readonly:true});console.log(db.prepare('SELECT COUNT(*) as cnt FROM test_records').get())" # Check Stage files on NAS ssh root@192.168.0.9 'find /data/test/STAGE -name "*.TXT" | wc -l' ``` --- **Last Updated:** 2026-03-29