azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3858a76d35d6f386d6a4fe627d8482b8b720ccac
claudetools/.claude/memory/project_dataforth.md
Mike Swanson 0c000109dc chore(memory): consolidate scattered feedback/project/reference files 
Compressed memory store 104 -> 71 files via four passes:

- Syncro: 19 scattered feedback_syncro_* files merged into 3 rule files
  (api/billing/workflow) + an on-demand feedback_syncro_history.md for
  incident detail, quotes, and tech/product ID tables.
- Four near-duplicate merges: Howard paste-safety, Pluto build server,
  Howard backend deferral, IX server access (ssh+tailscale).
- Per-cluster rule/state/history split applied to GuruConnect (2->1),
  Dataforth (3->2), Cascades (7->3), GuruRMM (13->3).
- New reference_resource_map.md: single auto-loaded cheatsheet for
  "do I have access to X and how do I connect from this machine?"
- MEMORY.md rewritten to match the new layout.

Health: broken backlinks 8->7, overlap clusters 12->5, orphans 17->0.
2026-06-01 16:25:45 -07:00

32 lines
1.8 KiB
Markdown
Raw Blame History

---
name: Dataforth — current state (email, contacts, MFA posture)
description: Dataforth runs on M365 (Graph API for mail send); the neptune.acghosting.com Exchange is ACG's, NOT Dataforth's. MFA enforced 2026-04-04 across the tenant (3 CA policies). AJ at Dataforth needs forwarding from dataforthgit@. Incident history lives in project_dataforth_history.md.
type: project
---
Incident detail (2026-03-27 DF-JOEL2 compromise, attacker IPs, IC3, etc.) lives in [[project_dataforth_history]] — read on-demand.
## Email infrastructure
Dataforth's email runs on **Microsoft 365** (`sysadmin@dataforth.com`, tenant in vault at `clients/dataforth/m365.sops.yaml`).
**Don't confuse with `neptune.acghosting.com`** (`67.206.163.124`) — that Exchange entry in `clients/dataforth/neptune-exchange.sops.yaml` is **ACG-side infrastructure, not Dataforth's**. Do not use it for Dataforth email workflows.
**Send via Graph (SMTP basic auth is disabled):**
- Preferred: Microsoft Graph `POST /v1.0/users/sysadmin@dataforth.com/sendMail` with a client_credentials token.
- Alt: XOAUTH2 over SMTP.
- Entra app in vault at `clients/dataforth/m365.sops.yaml` under `credentials.entra-app`. Verify `Mail.Send` application permission is granted before use.
## Contacts
- **AJ (Dataforth):** messages to `dataforthgit@` need to forward to AJ. (Forwarding setup TBD — verify status.)
## MFA / CA posture
3 Conditional Access policies enforced **2026-04-04** across the tenant (deployed report-only after the 2026-03-27 incident, then promoted):
- Require MFA (skip from office IP `67.206.163.122`)
- Block foreign sign-ins (US only; `MFA-Travel-Bypass` group for exceptions)
- Block legacy auth
Status as of MFA rollout: 19/38 users were MFA-ready at enforcement; the rest registered before the deadline.
Reference in New Issue View Git Blame Copy Permalink