claudetools/wiki/clients/grabb-durando.md
Mike Swanson 32f64a9561 wiki: seed 9 client articles (internal-infra, peaceful-spirit, cryoweave, glaztech, pavon, grabb-durando, stamback-septic, sombra-residential, birth-biologic)
Notable findings per article:
- internal-infrastructure: Neptune cert expires 2026-05-31, DkimSigner
  disabled (unsigned outbound mail), Cloudflare tunnel on Jupiter
- peaceful-spirit: L2TP/IPsec RRAS VPN; billing/Syncro ID undocumented
- cryoweave: website redesign pending client assets
- glaztech: phishing bypassed MailProtector via secondary MX (fixed);
  no MFA enforcement yet; do not enable Security Defaults yet
- pavon: OwnCloud cron stacking fixed; Nextcloud migration deferred
- grabb-durando: plaintext DB password in README needs vaulting; AI
  demand review app scoped
- stamback-septic: WS2012 EOL server on network
- sombra-residential: Server2013 is actually WS2012 EOL unpatched
- birth-biologic: Datto→SharePoint migration unconfirmed complete

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-24 19:38:50 -07:00


type: client
name: grabb-durando
display_name: Grabb & Durando, P.C.
last_compiled: 2026-05-24
compiled_by: DESKTOP-0O8A1RL/claude-main
sources:
  • clients/grabb-durando/session-logs/2026-05-04-leap-m365-calendar-fix.md
  • clients/grabb-durando/reports/2026-05-04-leap-calendar-permission-investigation.md
  • clients/grabb-durando/ai-demand-review/CONTEXT.md
  • clients/grabb-durando/PROJECT_STATE.md
  • clients/grabb-durando/website-migration/README.md
  • clients/grabb-durando/gururmm-diag-GND-SERVER-20260512-155234.txt
backlinks:
  • projects/gururmm

Grabb & Durando, P.C.

Profile

  • Company type: Plaintiff personal injury law firm (Arizona)
  • Contract type: Managed (MSP) — includes M365 tenant management
  • Key contacts:
  • Billing rate: [unverified — not documented in available files]
  • Active ticket: [unverified — no current open Syncro ticket found in sources]
  • Syncro customer ID: [unverified — not present in available session logs]

Infrastructure

Servers & Services

| Host | IP | Role | OS | Notes |
|---|---|---|---|---|
| GND-SERVER | [unverified] | On-premise server | Windows Server 2019 Standard, AMD64 | GuruRMM agent installed 2026-05-12 via site-specific MSI |
| GoDaddy VPS | 208.109.235.224 | Custom PHP web app (data.grabbanddurando.com) | CloudLinux 9.6, cPanel v126 | 99% disk full as of website migration plan — status post-migration unknown [unverified] |
| ix.azcomputerguru.com (IX) | 72.194.62.5 | ACG shared hosting — migration target | CloudLinux 9.7, cPanel | Migration planned but no session log confirms completion [unverified] |
| WebSvr (ACG) | 162.248.93.81 | Main domain (grabbanddurando.com) DNS/hosting | ACG managed | Nameserver authority for grabbanddurando.com zone |

Email & Identity

  • M365 tenant: grabblaw.com (tenant ID 032b383e-96e4-491b-880d-3fd3295672c3)
  • Licenses: O365 Business Premium (confirmed on multiple users)
  • MFA status: [unverified]
  • User-consent policy: microsoft-user-default-recommended + microsoft-user-default-allow-consent-apps — high-risk delegated scopes (Mail.ReadWrite, Files.ReadWrite.All) require admin approval
  • Leap (legal case management): Two service principals registered in tenant:
    • LEAP daemon/service app — 5602fc50-4c30-4faa-a595-e5a0f15d2cce (app-only, tenant-wide consent already granted)
    • LEAP user-facing/delegated app — a7d19842-33e2-457b-a399-d4e6ec010f0a (per-user or tenant-wide consent; tenant-wide granted 2026-05-04)
  • Inky/GuruProtect: Installed (confirmed in email headers)
  • GuruRMM Security Investigator app: Consented in tenant (used for read-only Graph investigation 2026-05-04)

Network

  • ISP / WAN: [unverified]
  • Firewall: [unverified]
  • VPN: [unverified]

Web Applications

  • Primary site: grabbanddurando.com — hosted on WebSvr (ACG)
  • Data app: data.grabbanddurando.com — custom PHP 7.4 app using mysqli; GoDaddy cPanel account grabbandurando, document root /home/grabbanddurando/public_html/new_gdapp/, database grabblaw_gdapp (31 MB)
  • Case management: Leap — integrated with M365 calendar/mail via delegated OAuth

GuruRMM

  • Site name: Main Office
  • Client code: [unverified — not documented in available files; MSI was site-specific]
  • Site ID: d526d700-7210-48b1-94a9-40c87a29dc25 (from agent registry, this is the SiteId value baked into the MSI)

Enrolled Agents

| Agent | Host | OS | Version at install | Agent key (partial) | Notes |
|---|---|---|---|---|---|
| GND-SERVER | GND-SERVER | Windows Server 2019 | 0.6.2 (2026-05-12) | agk_NEzx7sRA9Jd... | Installed via MSI gururmm-agent-grabb-main-office.msi; running as LocalSystem; [WARNING] binary path issue noted at install time — path in registry did not match actual binary location |
  • GuruRMM agent ID: [unverified — agent ID not captured in available files; use dashboard to confirm]
  • Agent log: C:\ProgramData\GuruRMM\agent.log.2026-05-12 (0 bytes at install time)
  • Network connectivity check (2026-05-12): External HTTPS to rmm.azcomputerguru.com [OK]; internal API (172.16.3.30:3001) [FAIL — timeout, expected for external client]

Access

  • M365 admin: Entra portal via sysadmin@grabblaw.com or guru@grabblaw.com
  • GoDaddy VPS (source): ssh -i ~/.ssh/id_ed25519 root@208.109.235.224
  • IX server (hosting target): ssh root@ix.azcomputerguru.com
  • WebSvr (DNS): ssh root@websvr.acghosting.com
  • Vault path: clients/grabb-durando/ [unverified — no confirmed SOPS entries found in session logs; check vault before assuming paths]
  • Database credentials (GoDaddy): [WARNING] Database password e8o8glFDZD appears in plaintext in clients/grabb-durando/website-migration/README.md — migrate to vault before any future work on this project

Patterns & Known Issues

  • Leap OAuth consent pattern: New hires at Grabb & Durando will NOT automatically have Leap M365 calendar sync enabled. As of 2026-05-04 tenant-wide consent was granted on the LEAP delegated app — new users should now get through the consent flow without admin intervention. Verify this holds for next new hire.
  • Leap identity binding trap: If an admin signs in to Leap on a user's machine to grant consent, Leap stores the admin's identity token instead of the user's. Symptom: Leap syncs the wrong mailbox and throws "unable to subscribe to notifications." Fix: revoke admin OAuth grant, clear %LOCALAPPDATA%\Microsoft Corporation\ Leap cache, re-sign in as the correct user.
  • SYSTEM context in GuruRMM commands: Agent runs as LocalSystem. HKCU probes from GuruRMM commands read the SYSTEM hive, not a logged-in user's. Use HKU:\<SID> path for per-user registry work.
  • Website migration (data.grabbanddurando.com): PHP 7.4 app, 1.8 GB files + 31 MB database. Migration target is IX (ix.azcomputerguru.com). Migration plan is detailed; no session log confirms completion — assume NOT migrated until verified.
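
The SYSTEM-context pattern above, as an added PowerShell example (not GuruRMM or ACG code): it enumerates the user hives loaded under HKEY_USERS and reads one value per user. The function name `Get-UserHiveValue` and the sample key `Volatile Environment` are illustrative assumptions. PowerShell defines no `HKU:` drive by default, so the example uses the `Registry::HKEY_USERS` provider path instead.

```powershell
# Added example: read a per-user registry value from a LocalSystem session.
# Get-UserHiveValue is a hypothetical helper name, not part of any agent.
function Get-UserHiveValue {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $SubKey,  # path relative to the user's hive root
        [Parameter(Mandatory)] [string] $Name     # value name to read
    )

    # Under LocalSystem, HKCU: resolves to HKEY_USERS\S-1-5-18, so walk HKEY_USERS directly.
    # Only hives of logged-on users (or otherwise loaded profiles) appear here.
    # Pattern keeps local/AD (S-1-5-21-...) and Entra ID (S-1-12-1-...) user SIDs and
    # skips .DEFAULT, S-1-5-18/19/20 and the *_Classes hives.
    $userSidPattern = '^S-1-(5-21|12-1)-[\d-]+$'

    Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction Stop |
        Where-Object { $_.PSChildName -match $userSidPattern } |
        ForEach-Object {
            $sid = $_.PSChildName

            # Resolve the SID to DOMAIN\user; SIDs of deleted accounts fail to translate.
            try {
                $sidObject = [System.Security.Principal.SecurityIdentifier]::new($sid)
                $account   = $sidObject.Translate([System.Security.Principal.NTAccount]).Value
            } catch {
                $account = '<unresolved>'
            }

            $keyPath = "Registry::HKEY_USERS\$sid\$SubKey"
            $value   = $null
            if (Test-Path -LiteralPath $keyPath) {
                $item  = Get-ItemProperty -LiteralPath $keyPath -Name $Name -ErrorAction SilentlyContinue
                $value = $item.$Name
            }

            [pscustomobject]@{
                Sid     = $sid
                Account = $account
                KeyPath = $keyPath
                Value   = $value   # $null: key or value absent for this user
            }
        }
}

# Show which identity the command runs as, then read one value from every loaded user hive.
[System.Security.Principal.WindowsIdentity]::GetCurrent().Name
Get-UserHiveValue -SubKey 'Volatile Environment' -Name 'USERNAME'
```

A user who is not logged on has no hive under HKEY_USERS, so an empty result means no profile is loaded, not that the value is unset.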

Active Work

  • AI Demand Review System (scoping/pre-quote as of 2026-05-12): Robert Grabb wants a custom Claude API web application for AI-assisted pre-suit demand package preparation. 11-category document upload UI, structured Claude output (case snapshot, liability, medical chronology, demand letter, etc.), DOCX/PDF export, per-case audit log. Estimated 32-48 hrs, $4,000-$6,960 flat fee range. Discovery call questions outstanding (user count, Leap API, file server structure). See clients/grabb-durando/ai-demand-review/CONTEXT.md for full spec.
  • Website migration (data.grabbanddurando.com → IX): Status unknown. GoDaddy VPS was 99% full as of project planning. No completion session log found. [WARNING] Verify migration status before any GoDaddy VPS work or billing.

History Highlights

| Date | Event |
|---|---|
| Pre-2026 | Established MSP client; M365 tenant (grabblaw.com) under ACG management; Leap deployed firm-wide |
| 2025-12-15 | Website migration session logs referenced (in old claude-projects path) — data.grabbanddurando.com migration likely attempted [unverified from available files] |
| 2026-04-20 | PROJECT_STATE.md created noting website migration stalled, no session logs recorded at that time |
| 2026-05-04 | Howard: Leap M365 calendar sync for Svetlana Larionova — OAuth consent investigation + tenant-wide LEAP consent granted by Mike; Leap identity token cleanup; Teams external-share limitation explained; second monitor added |
| 2026-05-12 | GuruRMM agent installed on GND-SERVER via site-specific MSI (v0.6.2). Diagnostic run confirms agent service running. AI demand review project kicked off — Phase Two Package delivered by Robert Grabb, ACG scoping review begun. |