claudetools/clients/dataforth/docs/active-directory.md
Howard Enos 8d975c1b44 import: ingested 160 files from C:\Users\howar\Clients
Howard's personal MSP client documentation folder imported into shared
ClaudeTools repo via /import command. Scope:

Clients (structured MSP docs under clients/<name>/docs/):
- anaise       (NEW)  - 13 files
- cascades-tucson     - 47 files merged (existing had only reports/)
- dataforth           - 18 files merged (alongside incident reports)
- instrumental-music-center - 14 files merged
- khalsa       (NEW)  - 22 files, multi-site (camden, river)
- kittle       (NEW)  - 16 files incl. fix-pdf-preview, gpo-intranet-zone
- lens-auto-brokerage (NEW) - 3 files (name matches SOPS vault)
- _client_template    - 13-file scaffold for new clients

MSP tooling (projects/msp-tools/):
- msp-audit-scripts/ - server_audit.ps1, workstation_audit.ps1, README
- utilities/         - clean_printer_ports, win11_upgrade,
                       screenconnect-toolbox-commands

Credential handling:
- Extracted 1 inline password (Anaise DESKTOP-O8GF4SD / david)
  to SOPS vault: clients/anaise/desktop-o8gf4sd.sops.yaml
- Redacted overview.md with vault reference pattern
- Scanned all 160 files for keys/tokens/connection strings -
  no other credentials found

Skipped:
- Cascades/.claude/settings.local.json (per-machine config)
- Source-root CLAUDE.md (personal, claudetools has its own)
- scripts/server_audit.ps1 and workstation_audit.ps1 at source root
  (identical duplicates of msp-audit-scripts versions)

Memory updates:
- reference_client_docs_structure.md (layout, conventions, active list)
- reference_msp_audit_scripts.md (locations, ScreenConnect 80-char rule)

Session log: session-logs/2026-04-16-howard-client-docs-import.md

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-16 19:43:58 -07:00


Active Directory

Domain Info

  • Domain: intranet.dataforth.com
  • Forest Level: Windows Server 2016
  • Domain Level: Windows Server 2016
  • Domain Controllers: AD1 (192.168.0.27, primary), AD2 (192.168.0.6, secondary)
  • FSMO Roles: All on AD1 (assumed)

Organizational Units

| OU | Purpose | Entra Sync |
|----|---------|------------|
| Domain Controllers | DCs | |
| CompanyUsers | Main user OU | |
| Azure_Users | Azure-related users | |
| SyncedUsers | Users synced to Entra ID | Yes |
| ServiceAccounts | Service accounts | No |
| Servers | Server computer accounts | |
| Workstations | Workstation computer accounts | |
| DistoGroups | Distribution groups | |

Active Human Users (as of 2026-04-02)

| Name | Username | Last Logon | Notes |
|------|----------|------------|-------|
| Ben Wadzinski | bwadzinski | 2026-04-01 | |
| Jacque Antar | jantar | 2026-04-01 | |
| Martin Florez | mflorez | 2026-04-02 | |
| Kevin Wackerly | kwackerly | 2026-03-30 | |
| Otto Fest | ofest | 2026-03-30 | |
| Lee Payne | lpayne | 2026-03-29 | |
| John Lehman | jlehman | 2026-03-29 | Engineering |
| Georg Haubner | ghaubner | 2026-03-27 | Engineering, has D: backup |
| Kellyn Wackerly | Kellynwackerly | 2026-03-26 | |
| Jaime Becerra | JBecerra | 2026-03-26 | |
| Angel Lopez | alopez | 2026-03-25 | |
| Dan Center | dcenter | 2026-03-23 | Operations |
| Logan Tobey | ltobey | 2026-03-23 | |
| Patricia | patricia | 2026-03-23 | |
| Peter Iliya | pIliya | 2026-03-23 | Applications Engineer |
| Sandra Schock | sSchock | 2026-03-23 | |
| Theresa Dean | tdean | 2026-03-23 | |
| Bobbi Whitson | bwhitson | 2026-03-23 | |
| Ayleen Montijo | aMontijo | 2026-03-23 | |
| Ken Hoffman | khoffman | 2026-03-10 | Also has "oemdata" account |
| Ken Hoffman | oemdata | N/A | TestDataSheetUploader author |
| Joel Lohr | jlohr | 2026-03-31 | RETIRING — disable after 03/31 |

Service / System Accounts

| Username | Purpose | Notes |
|----------|---------|-------|
| sysadmin | Domain Admin | |
| Administrator (Admin_3652) | Built-in admin | |
| svc_testdatadb | TestDataDB service | OU=ServiceAccounts, created 2026-03-28 |
| sqluser | SQL Server service | OU=ServiceAccounts |
| MSOL_664594195fe2 | Entra ID Sync (Azure AD Connect) | |
| ClaudeTools-ReadOnly | Read-only automation access | Purpose unclear |

Machine / Functional Accounts

  • Assembly Stations: AS24, AS26, AS30, AS31, AS34
  • Test Stations: TS1, TS1L, TS1R, TS2L, TS2R, etc. (30+ stations)
  • Manufacturing: hipot, encap, Endcap, my9
  • Label/Scanning: labelpc, scan, scand2
  • Mobile: tablet0107, hh0104
  • Shared: confroom, Training

Disabled Accounts

Alex Mitev, Annie Chin, Bill Oldham, Brian Faires, Brian Scaramella, calibration, Jerry Lopez, John Barrios, Linda D, Maria Cota, Michele Hvidsten, Mizan Rahman, Moe Naseem, Stephen Poanessa, Steve Lehman, Support Pool, William Oldham, wcarr

Groups

| Group | Scope | Notes |
|-------|-------|-------|
| Domain Admins | Global | Standard |
| Enterprise Admins | Universal | Forest-wide |
| Schema Admins | Universal | Schema modification |
| Administrators | DomainLocal | Local admin |
| ADSyncAdmins | DomainLocal | Azure AD Connect |
| DnsAdmins | DomainLocal | DNS management |
| Hyper-V Administrators | DomainLocal | Hyper-V |
| Key Admins | Global | Key management |
| Enterprise Key Admins | Universal | Enterprise keys |
| Storage Replica Admins | DomainLocal | Storage replication |

No custom security groups found — only default/built-in groups.

Group Policy Objects

| GPO | Status | Last Modified |
|-----|--------|---------------|
| Default Domain Policy | AllSettingsEnabled | 2026-03-02 |
| Default Domain Controllers Policy | AllSettingsEnabled | 2025-09-30 |
| TrustedZones | AllSettingsEnabled | 2025-10-01 |
| Screenconnect | AllSettingsEnabled | 2025-10-01 |
| Profwiz | AllSettingsEnabled | 2025-10-08 |
| Mapped Drives | AllSettingsEnabled | 2025-10-09 |

Drive Mappings (GPO: Mapped Drives)

| Letter | Path | Purpose |
|--------|------|---------|
| B: | \\ad1\itsvc | IT service files |
| Q: | \\ad2\c-drive | AD2 C-drive share |
| S: | \\SAGE-SQL\sage | Sage ERP |
| T: | \\ad2\e-drive | AD2 E-drive share |
| W: | \\files-d1\sales | Sales docs |
| X: | \\ad2\webshare | Datasheets (For_Web) |
| Y: | \\files-d1\archive | Archive |

Action Items

  • [HIGH] Disable jlohr account — retirement was 2026-03-31, OVERDUE
  • Investigate ClaudeTools-ReadOnly account purpose
  • Ken Hoffman has two accounts (khoffman + oemdata) — consolidate?