Howard Enos
8d975c1b44
Howard's personal MSP client documentation folder imported into shared
ClaudeTools repo via /import command. Scope:
Clients (structured MSP docs under clients/<name>/docs/):
- anaise (NEW) - 13 files
- cascades-tucson - 47 files merged (existing had only reports/)
- dataforth - 18 files merged (alongside incident reports)
- instrumental-music-center - 14 files merged
- khalsa (NEW) - 22 files, multi-site (camden, river)
- kittle (NEW) - 16 files incl. fix-pdf-preview, gpo-intranet-zone
- lens-auto-brokerage (NEW) - 3 files (name matches SOPS vault)
- _client_template - 13-file scaffold for new clients
MSP tooling (projects/msp-tools/):
- msp-audit-scripts/ - server_audit.ps1, workstation_audit.ps1, README
- utilities/ - clean_printer_ports, win11_upgrade,
screenconnect-toolbox-commands
Credential handling:
- Extracted 1 inline password (Anaise DESKTOP-O8GF4SD / david)
to SOPS vault: clients/anaise/desktop-o8gf4sd.sops.yaml
- Redacted overview.md with vault reference pattern
- Scanned all 160 files for keys/tokens/connection strings -
no other credentials found
Skipped:
- Cascades/.claude/settings.local.json (per-machine config)
- Source-root CLAUDE.md (personal, claudetools has its own)
- scripts/server_audit.ps1 and workstation_audit.ps1 at source root
(identical duplicates of msp-audit-scripts versions)
Memory updates:
- reference_client_docs_structure.md (layout, conventions, active list)
- reference_msp_audit_scripts.md (locations, ScreenConnect 80-char rule)
Session log: session-logs/2026-04-16-howard-client-docs-import.md
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2.5 KiB
2.5 KiB
Step 1: Emergency Backup (~1 hour, remote)
Must complete before touching anything. HIPAA §164.308(a)(7) requires backup and disaster recovery for all PHI. No backup = non-compliance. Synology NAS and CS-SERVER both contain PHI.
1.1 — Set up Synology Active Backup for Business
See session3-2026-03-07.md Step 1 for detailed walkthrough.
- Log into Synology DSM at
https://192.168.0.120:5001 - Install "Active Backup for Business" from Package Center (free with Synology)
- Install ABB agent on CS-SERVER via ScreenConnect (download from DSM → ABB → Physical Server → Add Device)
- Create backup task:
- Source: CS-SERVER (192.168.2.254), entire machine (C: + D:)
- Destination: Synology Volume 1 (~540 GB free, expect ~300 GB after compression)
- Schedule: Nightly at 2:00 AM
- Retention: 7 daily + 4 weekly
- Compression + transfer encryption enabled
- Run first backup manually
- Verify it completes successfully before proceeding
Storage note: ~592 GB raw data, but ABB compression typically achieves 40-60% reduction. Should fit with room for incrementals. HIPAA critical: PHI backup must succeed before any other migration work begins.
1.2 — Export pfSense config
- Open pfSense web UI (192.168.0.1)
- Diagnostics → Backup & Restore → Download configuration as XML
- Save to
D:\Shares\IT\Backups\pfSense\on CS-SERVER
1.3 — Export configuration snapshots
Run on CS-SERVER via ScreenConnect:
# Script: scripts/phase0-export-configs.ps1
# See script for full commands
Exports: AD users/computers/groups, DNS records, NPS/RADIUS config, file share permissions (SMB + NTFS), GPO reports.
All exports saved to D:\Shares\IT\Backups\.
1.4 — Quick remote health checks
Run scripts/phase0-remote-checks.ps1 on CS-SERVER via ScreenConnect. Checks:
- Disk SMART health via Dell OpenManage
- Unknown listening ports (5504, 6783, 8019)
- IIS website audit
- DNS forwarder verification
- General server health (memory, disk, uptime)
Checklist
- Active Backup for Business installed and first backup completed
- pfSense XML backup saved
- AD export CSVs in
D:\Shares\IT\Backups\AD\ - DNS export in
D:\Shares\IT\Backups\DNS\ - NPS export in
D:\Shares\IT\Backups\NPS\ - Permissions exports in
D:\Shares\IT\Backups\Permissions\ - Remote health checks completed (disk, ports, IIS, DNS forwarder)
Rollback
Step 1 is read-only/additive. Nothing to roll back.