Mike Swanson
a42d657c55
Session logs: root (Michael #32329 hosting offer + IX simplehost.email autodiscover DNS fix + Cascades #32332 emergency correction) + Quantum client log (M365 tenant 2fd0092b onboarding, break-glass GA, CA report-only). Syncro rule overhaul: - Emergency billing: prepaid -> 26184 @ hours x1.5 (was 26118); non-prepaid -> 26184 with channel rate (onsite $262.50 / remote+inshop $225) - Never make up labor items (existing product + real name; QuickBooks sync) - Corrections preserve original tech's user_id (commission); adding notes/labor never changes ticket owner /remediation-tool: Conditional Access may be managed programmatically (report-only first + exclude break-glass + confirm before enforce); fabb3421 deprecated for customer tenants; Quantum tenant onboarded (gotchas table). Memory: 4 new (no-madeup-labor, corrections-preserve-tech, ca-programmatic, quantum-godaddy-tenant) + updates. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2.7 KiB
name, description, metadata
| name | description | metadata | ||
|---|---|---|---|---|
| quantum-godaddy-m365-tenant | Quantum Wealth Management M365 migration uses a NEW fully-onboarded tenant 2fd0092b (quantumwms.com verified+primary); the old GoDaddy tenant ddf3d2c9 was bypassed, not taken over |
|
During the Quantum Wealth Management email migration (Intermedia HEX -> Microsoft 365, Syncro #32323), Pax8 reported quantumwms.com was "already attached to a tenant." Unauthenticated discovery (2026-05-27) confirmed:
- Existing tenant:
ddf3d2c9-b76c-40d9-a216-9f11a1a26f97, default domainnetorg18235235.onmicrosoft.com, brand name "quantumwms.com", Managed, NA region. TheNETORG#######.onmicrosoft.compattern = GoDaddy-provisioned M365 tenant. quantumwms.comitself returns realm Unknown (added but not verified-as-primary in that tenant) — this pending/parked claim is what blocks Pax8.- Mail is on Intermedia (
*.exch090.serverdata.net; SPFspf.intermedia.net), with GoDaddy (secureserver.net) + Proofpoint Essentials (ppe-hosted.com) still in SPF. So the GoDaddy M365 tenant is almost certainly dormant (no mailboxes there).
Why this matters: It's a Managed tenant, so there is NO DNS-based admin takeover (that only works on unmanaged/viral tenants). Access requires the customer's GoDaddy account login / the tenant Global Admin, or GoDaddy releasing it.
RESOLUTION (2026-05-27): Mike chose to spin up a fresh tenant rather than take over GoDaddy's (only 2 users — cleaner). The operative tenant is now 2fd0092b-e9b7-474c-ad73-301f34dd6b64 ("Quantum Wealth Management", quantumwms.onmicrosoft.com): quantumwms.com is verified + primary there, john@/sheila@ are licensed (Pax8 M365), sysadmin@quantumwms.com is the ACG admin. Pax8 GDAP approved + the full ComputerGuru app suite consented & directory-roles assigned via onboard-tenant.sh (Tenant Admin, Security Investigator, Exchange Operator, User Manager, Defender; Exch/User/Auth/CA roles). The GoDaddy tenant ddf3d2c9 (netorg18235235.onmicrosoft.com) was bypassed — it never verified the domain, so the new tenant claimed it; no GoDaddy takeover/defederate needed. Remaining migration steps: PST backups of both mailboxes (Intermedia has no server-side export), DNS cutover (MX/autodiscover/archival+sent-mail-encryption — Jen Curry/IFG meeting Thu 2026-05-28 1PM), then move mail Intermedia -> M365. Tracked on Syncro #32323; tenant row added to remediation-tool gotchas.md table.
(Historical) original blocker: Pax8 reported the domain "attached to a tenant" = the GoDaddy-provisioned ddf3d2c9 (NETORG onmicrosoft). Managed tenant, so no DNS takeover; would have needed GoDaddy GA access. Superseded by the fresh-tenant decision above.