Howard Enos
8d975c1b44
Howard's personal MSP client documentation folder imported into shared
ClaudeTools repo via /import command. Scope:
Clients (structured MSP docs under clients/<name>/docs/):
- anaise (NEW) - 13 files
- cascades-tucson - 47 files merged (existing had only reports/)
- dataforth - 18 files merged (alongside incident reports)
- instrumental-music-center - 14 files merged
- khalsa (NEW) - 22 files, multi-site (camden, river)
- kittle (NEW) - 16 files incl. fix-pdf-preview, gpo-intranet-zone
- lens-auto-brokerage (NEW) - 3 files (name matches SOPS vault)
- _client_template - 13-file scaffold for new clients
MSP tooling (projects/msp-tools/):
- msp-audit-scripts/ - server_audit.ps1, workstation_audit.ps1, README
- utilities/ - clean_printer_ports, win11_upgrade,
screenconnect-toolbox-commands
Credential handling:
- Extracted 1 inline password (Anaise DESKTOP-O8GF4SD / david)
to SOPS vault: clients/anaise/desktop-o8gf4sd.sops.yaml
- Redacted overview.md with vault reference pattern
- Scanned all 160 files for keys/tokens/connection strings -
no other credentials found
Skipped:
- Cascades/.claude/settings.local.json (per-machine config)
- Source-root CLAUDE.md (personal, claudetools has its own)
- scripts/server_audit.ps1 and workstation_audit.ps1 at source root
(identical duplicates of msp-audit-scripts versions)
Memory updates:
- reference_client_docs_structure.md (layout, conventions, active list)
- reference_msp_audit_scripts.md (locations, ScreenConnect 80-char rule)
Session log: session-logs/2026-04-16-howard-client-docs-import.md
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
143 lines
4.8 KiB
PowerShell
143 lines
4.8 KiB
PowerShell
<#
|
|
.SYNOPSIS
|
|
Phase 3.1 Step 5: Post-domain-join verification.
|
|
.DESCRIPTION
|
|
Verifies GPO application, drive mappings, printer deployment, and network
|
|
connectivity after a workstation has been joined to cascades.local.
|
|
Run on the joined machine after reboot, logged in with a domain account.
|
|
#>
|
|
|
|
Write-Host "=== Phase 3: Post-Join Verification - $env:COMPUTERNAME ===" -ForegroundColor Cyan
|
|
Write-Host "Logged in as: $env:USERDOMAIN\$env:USERNAME"
|
|
Write-Host ""
|
|
|
|
$issues = @()
|
|
|
|
# --- Domain membership ---
|
|
Write-Host "--- Domain Membership ---" -ForegroundColor Yellow
|
|
|
|
$cs = Get-WmiObject Win32_ComputerSystem
|
|
if ($cs.PartOfDomain) {
|
|
Write-Host " [OK] Domain: $($cs.Domain)" -ForegroundColor Green
|
|
} else {
|
|
Write-Host " [FAIL] Not joined to domain!" -ForegroundColor Red
|
|
$issues += "Not domain-joined"
|
|
}
|
|
|
|
# --- DC locator ---
|
|
Write-Host "`n--- Domain Controller ---" -ForegroundColor Yellow
|
|
|
|
$nltest = nltest /dsgetdc:cascades.local 2>&1
|
|
if ($LASTEXITCODE -eq 0) {
|
|
$dcLine = $nltest | Select-String "DC:"
|
|
Write-Host " [OK] DC found: $dcLine" -ForegroundColor Green
|
|
} else {
|
|
Write-Host " [FAIL] Cannot locate domain controller" -ForegroundColor Red
|
|
$issues += "Cannot locate DC"
|
|
}
|
|
|
|
# --- GPO ---
|
|
Write-Host "`n--- Group Policy ---" -ForegroundColor Yellow
|
|
|
|
$gpresult = gpresult /r 2>&1
|
|
$appliedGPOs = $gpresult | Select-String "CSC -"
|
|
if ($appliedGPOs) {
|
|
foreach ($gpo in $appliedGPOs) {
|
|
Write-Host " [OK] Applied: $($gpo.Line.Trim())" -ForegroundColor Green
|
|
}
|
|
} else {
|
|
Write-Host " [WARN] No CSC GPOs detected - may need gpupdate /force" -ForegroundColor Yellow
|
|
$issues += "No CSC GPOs applied"
|
|
}
|
|
|
|
# --- Drive Mappings ---
|
|
Write-Host "`n--- Drive Mappings ---" -ForegroundColor Yellow
|
|
|
|
$expectedDrives = @("S:")
|
|
$mappedDrives = Get-PSDrive -PSProvider FileSystem | Where-Object { $_.DisplayRoot -like "\\*" }
|
|
|
|
foreach ($d in $mappedDrives) {
|
|
Write-Host " [OK] $($d.Name): -> $($d.DisplayRoot)" -ForegroundColor Green
|
|
}
|
|
|
|
if (-not $mappedDrives) {
|
|
Write-Host " [WARN] No mapped drives found - check GPO and logoff/logon" -ForegroundColor Yellow
|
|
$issues += "No mapped drives"
|
|
}
|
|
|
|
# SMB access test
|
|
try {
|
|
$testPath = Test-Path "\\192.168.2.254\Shares" -ErrorAction Stop
|
|
if ($testPath) {
|
|
Write-Host " [OK] \\CS-SERVER\Shares accessible" -ForegroundColor Green
|
|
} else {
|
|
Write-Host " [FAIL] \\CS-SERVER\Shares not accessible" -ForegroundColor Red
|
|
$issues += "Cannot access \\CS-SERVER\Shares"
|
|
}
|
|
}
|
|
catch {
|
|
Write-Host " [FAIL] SMB access error: $_" -ForegroundColor Red
|
|
$issues += "SMB access error"
|
|
}
|
|
|
|
# --- Printers ---
|
|
Write-Host "`n--- Printers ---" -ForegroundColor Yellow
|
|
|
|
$printers = Get-Printer -ErrorAction SilentlyContinue
|
|
$networkPrinters = $printers | Where-Object { $_.Type -eq "Connection" }
|
|
|
|
if ($networkPrinters) {
|
|
foreach ($p in $networkPrinters) {
|
|
Write-Host " [OK] $($p.Name) ($($p.PortName))" -ForegroundColor Green
|
|
}
|
|
} else {
|
|
Write-Host " [WARN] No network printers deployed - check GPO" -ForegroundColor Yellow
|
|
$issues += "No network printers"
|
|
}
|
|
|
|
# --- Network ---
|
|
Write-Host "`n--- Network Connectivity ---" -ForegroundColor Yellow
|
|
|
|
# Internet
|
|
$internet = Test-Connection -ComputerName "8.8.8.8" -Count 1 -Quiet -ErrorAction SilentlyContinue
|
|
if ($internet) {
|
|
Write-Host " [OK] Internet: working" -ForegroundColor Green
|
|
} else {
|
|
Write-Host " [FAIL] Internet: NOT working" -ForegroundColor Red
|
|
$issues += "No internet"
|
|
}
|
|
|
|
# DNS
|
|
try {
|
|
$dns = Resolve-DnsName "cs-server.cascades.local" -ErrorAction Stop
|
|
Write-Host " [OK] DNS: cs-server.cascades.local -> $($dns.IPAddress -join ', ')" -ForegroundColor Green
|
|
}
|
|
catch {
|
|
Write-Host " [FAIL] DNS: cannot resolve cs-server.cascades.local" -ForegroundColor Red
|
|
$issues += "DNS resolution failed"
|
|
}
|
|
|
|
# Ping DC
|
|
$ping = Test-Connection -ComputerName "192.168.2.254" -Count 1 -Quiet -ErrorAction SilentlyContinue
|
|
if ($ping) {
|
|
Write-Host " [OK] Ping CS-SERVER: reachable" -ForegroundColor Green
|
|
} else {
|
|
Write-Host " [WARN] Ping CS-SERVER: no response (ICMP may be filtered)" -ForegroundColor Yellow
|
|
}
|
|
|
|
# --- Summary ---
|
|
Write-Host "`n========================================" -ForegroundColor Cyan
|
|
if ($issues.Count -eq 0) {
|
|
Write-Host "ALL CHECKS PASSED" -ForegroundColor Green
|
|
} else {
|
|
Write-Host "ISSUES FOUND ($($issues.Count)):" -ForegroundColor Red
|
|
foreach ($i in $issues) {
|
|
Write-Host " - $i" -ForegroundColor Red
|
|
}
|
|
Write-Host "`nTroubleshooting:" -ForegroundColor Yellow
|
|
Write-Host " - Run: gpupdate /force" -ForegroundColor Yellow
|
|
Write-Host " - Log off and log on again (for user-level GPOs)" -ForegroundColor Yellow
|
|
Write-Host " - Check: gpresult /r (for GPO details)" -ForegroundColor Yellow
|
|
}
|
|
Write-Host "========================================" -ForegroundColor Cyan
|