Howard Enos
b83c024ad2
- New laptop provisioned onsite at IMC Speedway: joined to imc.local, AD account created for Manda (incoming GM), Outlook bound to her M365 mailbox, Office activated via retail key, AIMsi USER#=4 per Leslie. - Syncro ticket #32218 invoiced — 1.5 hrs Onsite Business labor debited from IMC's prepay block (14.0 -> 12.5 hrs). - ServerIMC (192.168.0.63) confirmed as a real authentication-degrading phantom DC: SRV/A records claim it's a DC; LDAP/Kerberos refuse connections. Promoted from "unclear, worth verifying" (2026-04-13) to confirmed AD hygiene issue. Was the root cause of the 2026-04-22 remote domain-join failure. Needs follow-up ticket: repair or ntdsutil cleanup. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Instrumental Music Center (IMC)
Music retail + repair shop running AIMsi point-of-sale on-prem.
Infrastructure
Primary server: IMC1 (192.168.0.2)
- OS: Windows Server 2016 Standard (build 14393.7426)
- Role: Domain Controller (IMC.local), file server, AIMsi SQL host, RDS host
- Hardware: Dell R720, 4 physical cores
- Disks:
C:— OS + IIS + a few apps (419 GB, ~77% full as of 2026-04-13)E:— SQL backups, app installers, Server 2016 install media (E:\W2016)F:— Windows Image BackupsS:— Dedicated SSD (Samsung 850 PRO 256 GB), now holding AIMsi SQL DBs
Access
- SSH:
ssh IMC\guru@192.168.0.2(ed25519 key auth; PowerShell default shell) - VPN: OpenVPN
.ovpnprofile (subnet issues with Tailscale 192.168.0.0/24 overlap — disconnect Tailscale first) - Domain admin:
IMC\guru - AIMSQL sysadmin:
IMC\guru(added 2026-04-12 via single-user recovery)
AIMsi / SQL
- Instance:
IMC1\AIMSQL(MSSQL15 = SQL Server 2019 Express, despite folder name) - Databases on
S:\SQL\Data\:AIM.mdf(~8 GB) — production AIMsi databaseIMC.mdf(~9 GB) — legacy, usage unclear (kept out of caution)TestConv61223.mdf(~8 GB) — leftover from 2023-06-12 migration test; safe to droptempdb.mdf
- System DBs remain on
C:\Program Files\Microsoft SQL Server\MSSQL15.AIMSQL\MSSQL\DATA\(master, model, msdb)
Backups
- Local SQL backups:
E:\SQL\MSSQL14.SQLEXPRESS\MSSQL\Backup\IMCAIM_*.bak(nightly at 22:00) - Retention: Automated via
C:\Scripts\Clean-AimsiBackups.ps1scheduled taskIMC AIMsi Backup Retention(daily 23:30, runs as SYSTEM) - Policy: Last 14 dailies + 1st-of-month; safety override keeps 3 newest regardless
- Off-site: Cloudberry/MSP360 "Online Backup" at
C:\ProgramData\Online Backup\
AIM client share
\\IMC1\AIM→S:\AIM(4 connected users typical)- AIM.exe is a 128 KB launcher; real work happens against
IMC1\AIMSQL RequireSecuritySignature = Truein SMB server config — adds auth overhead
Known issues
- Component store corrupted (0x80073701 during RDS role removal). KB5075999 re-apply succeeds but rolls back on reboot due to ETW manifest error (HRESULT 15010, provider GUID
{9c2a37f3-e5fd-5cae-bcd1-43dafeee1ff0}) RDS removal is blocked→ pending 2019 migration strategy (in-place vs. clean)- Oversized
COMPONENTShive (~168 MB, normal is 30-50 MB) SMB1 enabledon server — should disable as security hygiene
Other servers in AD
IMC2— 2016 Essentials, last logon 2023, likely decommissionedIMC-VM— 2016 Standard, last logon 2021, deadSERVERIMC(192.168.0.63) — SSH-only, 2016 Essentials per AD, state unclear
Open work
- Decide Server 2019 migration path (in-place vs. clean build + migrate)
- Consider dropping
TestConv61223DB after verifying nothing references it - Disable SMB1
- Add IMC vault entry for SSH/SQL/domain credentials