Howard's personal MSP client documentation folder imported into shared
ClaudeTools repo via /import command. Scope:
Clients (structured MSP docs under clients/<name>/docs/):
- anaise (NEW) - 13 files
- cascades-tucson - 47 files merged (existing had only reports/)
- dataforth - 18 files merged (alongside incident reports)
- instrumental-music-center - 14 files merged
- khalsa (NEW) - 22 files, multi-site (camden, river)
- kittle (NEW) - 16 files incl. fix-pdf-preview, gpo-intranet-zone
- lens-auto-brokerage (NEW) - 3 files (name matches SOPS vault)
- _client_template - 13-file scaffold for new clients
MSP tooling (projects/msp-tools/):
- msp-audit-scripts/ - server_audit.ps1, workstation_audit.ps1, README
- utilities/ - clean_printer_ports, win11_upgrade,
screenconnect-toolbox-commands
Credential handling:
- Extracted 1 inline password (Anaise DESKTOP-O8GF4SD / david)
to SOPS vault: clients/anaise/desktop-o8gf4sd.sops.yaml
- Redacted overview.md with vault reference pattern
- Scanned all 160 files for keys/tokens/connection strings -
no other credentials found
Skipped:
- Cascades/.claude/settings.local.json (per-machine config)
- Source-root CLAUDE.md (personal, claudetools has its own)
- scripts/server_audit.ps1 and workstation_audit.ps1 at source root
(identical duplicates of msp-audit-scripts versions)
Memory updates:
- reference_client_docs_structure.md (layout, conventions, active list)
- reference_msp_audit_scripts.md (locations, ScreenConnect 80-char rule)
Session log: session-logs/2026-04-16-howard-client-docs-import.md
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
9.1 KiB
Session 3 — 2026-03-07: Backup Setup + Quick Wins
Focus: Priority 1 (backup/safety net) + quick remote fixes
Pre-Session Checklist
- Howard has Synology DSM credentials ready
- ScreenConnect access to CS-SERVER confirmed
- pfSense web UI accessible
Step 1: Set Up Synology Active Backup for Business (~30 min)
1a. Install Active Backup for Business
- Log into Synology DSM at `https://192.168.0.120:5001`
- Open Package Center → search "Active Backup for Business"
- Install (free with Synology, no license key needed)
- Open Active Backup for Business from main menu
1b. Install ABB Agent on CS-SERVER
Via ScreenConnect on CS-SERVER:
- Open browser on CS-SERVER, go to `https://192.168.0.120:5001`
- Log into DSM → Active Backup for Business → Physical Server tab
- Click Add Device → download the Windows agent installer
- Run installer on CS-SERVER — it will ask for:
  - Synology NAS address: `192.168.0.120`
  - DSM admin credentials
- Once agent connects, CS-SERVER should appear in the device list
1c. Create Backup Task
| Setting | Value |
|---|---|
| Source | CS-SERVER (entire machine — C: + D:) |
| Destination | Synology Volume 1 |
| Schedule | Daily at 2:00 AM |
| Retention | 7 daily + 4 weekly |
| Compression | Enabled |
| Transfer encryption | Enabled |
1d. Storage Check BEFORE Running First Backup
```powershell
# Run on CS-SERVER to get actual data sizes
$cUsed = (Get-PSDrive C).Used / 1GB
$dUsed = (Get-PSDrive D).Used / 1GB
Write-Host "C: drive used: $([math]::Round($cUsed, 1)) GB"
Write-Host "D: drive used: $([math]::Round($dUsed, 1)) GB"
Write-Host "Total data: $([math]::Round($cUsed + $dUsed, 1)) GB"
```
Storage concern: Synology has ~540 GB free. CS-SERVER has ~137 GB on C: + ~455 GB on D: = ~592 GB total. First full backup may NOT fit if we include everything.
Options if space is tight:
- Exclude pagefile.sys, hiberfil.sys, temp folders (ABB usually does this automatically)
- Exclude `C:\Windows\Temp`, `C:\Users\*\AppData\Local\Temp`
- Back up D: only (has the critical data — shares, Roaming profiles)
- Check if ABB uses dedup/compression (it does — expect 40-60% compression)
1e. Run First Backup
- Click Back Up Now in the ABB console
- Monitor progress — first full backup of ~460 GB over Gigabit LAN should take 1-2 hours
- Verify backup starts successfully, note estimated completion time
- Can continue with other steps while backup runs
1f. Verify
- ABB agent installed and connected on CS-SERVER
- Backup task created with correct schedule/retention
- First backup started successfully
- Estimated completion time noted: ____________
Step 2: Export pfSense Config XML (~2 min)
- Open pfSense web UI → `https://192.168.0.1`
- Navigate to Diagnostics → Backup & Restore
- Click Download configuration as XML
- Save file locally, then copy to CS-SERVER:

```powershell
# On CS-SERVER, create the directory
New-Item -Path "D:\Shares\IT\Backups\pfSense" -ItemType Directory -Force
```

- Upload the XML to `D:\Shares\IT\Backups\pfSense\pfsense-config-2026-03-07.xml`
- pfSense XML saved to CS-SERVER
Step 3: Export AD/DNS/Permissions Snapshots (~10 min)
Run on CS-SERVER via ScreenConnect:
```powershell
# Use the existing script
Set-Location "D:\Shares\IT"
# If script is available on the server:
# .\phase0-export-configs.ps1

# Or run inline:
$BackupRoot = "D:\Shares\IT\Backups"
$Timestamp = Get-Date -Format "yyyy-MM-dd_HHmm"

# Create directories
"AD", "DNS", "Permissions", "GPO" | ForEach-Object {
    New-Item -Path "$BackupRoot\$_" -ItemType Directory -Force | Out-Null
}

# AD exports
Import-Module ActiveDirectory
Get-ADUser -Filter * -Properties * | Export-Csv "$BackupRoot\AD\users_$Timestamp.csv" -NoTypeInformation
Get-ADComputer -Filter * -Properties * | Export-Csv "$BackupRoot\AD\computers_$Timestamp.csv" -NoTypeInformation
Get-ADGroup -Filter * -Properties * | Export-Csv "$BackupRoot\AD\groups_$Timestamp.csv" -NoTypeInformation
Get-ADGroupMember -Identity "Domain Admins" | Export-Csv "$BackupRoot\AD\domain-admins_$Timestamp.csv" -NoTypeInformation

# DNS export
Import-Module DnsServer
Get-DnsServerResourceRecord -ZoneName "cascades.local" | Export-Csv "$BackupRoot\DNS\cascades-local-records_$Timestamp.csv" -NoTypeInformation
Get-DnsServerZone | Export-Csv "$BackupRoot\DNS\zones_$Timestamp.csv" -NoTypeInformation

# DNS forwarder check (also verifies item G)
Get-DnsServerForwarder | Out-File "$BackupRoot\DNS\forwarders_$Timestamp.txt"
Write-Host "--- DNS Forwarder Check (should show 192.168.0.1) ---"
Get-DnsServerForwarder | Format-List

# File share permissions
Get-SmbShare | Export-Csv "$BackupRoot\Permissions\smb-shares_$Timestamp.csv" -NoTypeInformation
Get-SmbShare | Where-Object { $_.Path -like "D:\*" } | ForEach-Object {
    Get-SmbShareAccess -Name $_.Name | Out-File "$BackupRoot\Permissions\$($_.Name)-access_$Timestamp.txt"
}

# GPO report
Get-GPO -All | Export-Csv "$BackupRoot\AD\gpos_$Timestamp.csv" -NoTypeInformation

Write-Host "`nAll exports saved to $BackupRoot" -ForegroundColor Green
```
- AD exports completed
- DNS exports completed (including forwarder check)
- Permissions exports completed
- GPO report exported
- DNS forwarder confirmed as 192.168.0.1 (item G): ____________
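
The exports from Steps 2 and 3 include a full AD attribute dump and the pfSense config XML, which carries user password hashes and any VPN keys, so it is worth recording a hash of each file and checking who can read the folder. The following is an added example, not part of the original runbook; the manifest file name and the list of "broad" principals are assumptions.

```powershell
# Added example: integrity manifest and access review for the Step 2/3 exports.
# Read-only except for writing the manifest file.
$BackupRoot = "D:\Shares\IT\Backups"                      # path used in the runbook
$Stamp      = Get-Date -Format "yyyy-MM-dd_HHmm"
$Manifest   = "$BackupRoot\manifest_$Stamp.sha256.csv"    # assumed file name

# 1. SHA-256 manifest so later corruption or tampering of an export is detectable
Get-ChildItem -Path $BackupRoot -Recurse -File |
    Where-Object { $_.Name -notlike "manifest_*" } |
    Get-FileHash -Algorithm SHA256 |
    Select-Object Hash, Path |
    Export-Csv -Path $Manifest -NoTypeInformation

# 2. NTFS access on the backup folder; broad principals are flagged for review
#    (the list is an assumption, adjust it to the domain's groups)
$Broad = "Everyone", "NT AUTHORITY\Authenticated Users", "BUILTIN\Users",
         "$env:USERDOMAIN\Domain Users"
(Get-Acl -Path $BackupRoot).Access |
    Where-Object { $_.AccessControlType -eq "Allow" } |
    ForEach-Object {
        $flag = if ($Broad -contains $_.IdentityReference.Value) { "[REVIEW]" } else { "[OK]" }
        Write-Host "$flag NTFS  $($_.IdentityReference) : $($_.FileSystemRights)"
    }

# 3. Share-level access for every SMB share whose path contains the backup folder
Get-SmbShare | Where-Object {
    $_.Path -and ("$BackupRoot\").StartsWith($_.Path.TrimEnd('\') + '\', [StringComparison]::OrdinalIgnoreCase)
} | ForEach-Object {
    Get-SmbShareAccess -Name $_.Name | ForEach-Object {
        $flag = if ($Broad -contains $_.AccountName) { "[REVIEW]" } else { "[OK]" }
        Write-Host "$flag SHARE $($_.Name) -> $($_.AccountName) : $($_.AccessRight)"
    }
}

# 4. Verification pass (re-run any time): prints rows whose file is missing or changed
Import-Csv -Path $Manifest | Where-Object {
    -not (Test-Path -LiteralPath $_.Path) -or
    (Get-FileHash -LiteralPath $_.Path -Algorithm SHA256).Hash -ne $_.Hash
}
```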
Step 4: Quick Remote Checks (~5 min)
Run on CS-SERVER while backup is in progress:
```powershell
# === DISK HEALTH CHECK ===
# Try Dell OpenManage CLI
$omreport = "C:\Program Files\Dell\SysMgt\oma\bin\omreport.exe"
if (Test-Path $omreport) {
    Write-Host "=== DISK HEALTH (OpenManage) ===" -ForegroundColor Cyan
    & $omreport storage pdisk controller=0
} else {
    Write-Host "[WARN] Dell OpenManage CLI not found at expected path" -ForegroundColor Yellow
    Write-Host "Try OpenManage web UI at https://192.168.2.254:1311"
}

# === UNKNOWN LISTENING PORTS ===
Write-Host "`n=== UNKNOWN PORT IDENTIFICATION ===" -ForegroundColor Cyan
@(5504, 6783, 8019) | ForEach-Object {
    $port = $_
    # Listening sockets only: established connections on the same local port
    # would otherwise return several rows and mix several PIDs into one line
    $conn = Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue |
        Sort-Object OwningProcess -Unique
    if ($conn) {
        foreach ($c in $conn) {
            $proc = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue
            Write-Host "Port $port -> PID $($c.OwningProcess) -> $($proc.ProcessName) ($($proc.Path))" -ForegroundColor Green
        }
    } else {
        Write-Host "Port $port -> No active listener" -ForegroundColor Yellow
    }
}

# === IIS CHECK ===
Write-Host "`n=== IIS WEBSITES ===" -ForegroundColor Cyan
try {
    Import-Module WebAdministration -ErrorAction Stop
    Get-Website | Format-Table Name, State, PhysicalPath, @{N='Bindings';E={$_.bindings.Collection.bindingInformation}} -AutoSize
} catch {
    Write-Host "[WARN] WebAdministration module not available: $_" -ForegroundColor Yellow
}

# === SERVER UPTIME & GENERAL HEALTH ===
Write-Host "`n=== SERVER HEALTH ===" -ForegroundColor Cyan
$os = Get-CimInstance Win32_OperatingSystem
Write-Host "Uptime: $((Get-Date) - $os.LastBootUpTime)"
# TotalVisibleMemorySize and FreePhysicalMemory are in KB, so dividing by 1MB yields GB
Write-Host "Memory: $([math]::Round(($os.TotalVisibleMemorySize - $os.FreePhysicalMemory) / 1MB, 1)) GB used / $([math]::Round($os.TotalVisibleMemorySize / 1MB, 1)) GB total"
Get-PSDrive C, D | ForEach-Object {
    Write-Host "$($_.Name): $([math]::Round($_.Used/1GB,1)) GB used / $([math]::Round(($_.Used+$_.Free)/1GB,1)) GB total ($([math]::Round($_.Free/1GB,1)) GB free)"
}
```
Record results:
- Disk health status: ____________
- Port 5504 is: ____________
- Port 6783 is: ____________
- Port 8019 is: ____________
- IIS serving: ____________
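
A process name alone often does not settle what an unidentified port is for, so the following added example (not part of the original runbook) also reports the Windows services hosted in the owning process and the Authenticode status of its binary. The port list comes from Step 4; the report field names are assumptions.

```powershell
# Added example: per-port triage with hosting service and Authenticode status.
$Ports = 5504, 6783, 8019      # the three unidentified ports from the runbook

$Report = foreach ($port in $Ports) {
    $listeners = Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue |
        Sort-Object OwningProcess -Unique
    if (-not $listeners) {
        [pscustomobject]@{ Port = $port; ProcId = $null; Image = "(no listener)"; Services = ""; Signature = ""; Signer = "" }
        continue
    }
    foreach ($l in $listeners) {
        $procId = $l.OwningProcess
        $proc   = Get-CimInstance Win32_Process -Filter "ProcessId = $procId"
        # Services hosted in that process (one svchost.exe can host several)
        $svc    = (Get-CimInstance Win32_Service -Filter "ProcessId = $procId").Name -join ", "
        # PID 4 (System) has no image path: the port is bound in the kernel, typically
        # by HTTP.sys; 'netsh http show servicestate' lists the owning request queues
        $sig    = if ($proc.ExecutablePath) { Get-AuthenticodeSignature -FilePath $proc.ExecutablePath }
        [pscustomobject]@{
            Port      = $port
            ProcId    = $procId
            Image     = if ($proc.ExecutablePath) { $proc.ExecutablePath } else { $proc.Name }
            Services  = $svc
            Signature = if ($sig) { [string]$sig.Status } else { "n/a" }
            Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { "" }
        }
    }
}
$Report | Format-List

# Anything listening that is unsigned or has a broken signature gets a closer look
$Report | Where-Object { $_.Signature -in "NotSigned", "HashMismatch", "NotTrusted" } |
    ForEach-Object { Write-Host "[REVIEW] Port $($_.Port): $($_.Image) ($($_.Signature))" -ForegroundColor Yellow }
```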
Step 5: Quick Fixes (if time permits, ~10 min)
5a. Fix Room 218 DHCP (Item H)
pfSense UI → Services → DHCP Server → Room218
- Change Range End from `10.2.18.2` to `10.2.18.14`
- Save → Apply Changes
- Room 218 DHCP range fixed
5b. Delete Room 130 Firewall Rule (Item I)
pfSense UI → Firewall → Rules → Room130
- Delete the disabled TCP PASS rule
- Apply Changes
- Room 130 dead rule deleted
5c. Set CS-SERVER Timezone (Item K)
```powershell
# Check current timezone
Get-TimeZone

# Set to Arizona (UTC-07:00, no DST — matches pfSense)
Set-TimeZone -Id "US Mountain Standard Time"

# Verify
Get-TimeZone
# Should show: (UTC-07:00) Arizona
```
- CS-SERVER timezone set to Arizona
Post-Session Summary
Completed This Session
- Synology Active Backup for Business installed and first backup running
- pfSense config XML exported
- AD/DNS/Permissions snapshots exported
- DNS forwarder verified (item G)
- Disk health checked
- Unknown ports identified
- IIS purpose documented
- Room 218 DHCP fixed (item H)
- Room 130 rule deleted (item I)
- CS-SERVER timezone fixed (item K)
Next Session Plan
- Create firewall aliases (item D) — ~15 min
- Replace INTERNAL firewall rules (item E)
- Disable floating rule #4 + add room internet rule (item F)
- Delete VLAN 10 from UniFi (item J)
Information Gathered
| Item | Finding |
|---|---|
| DNS Forwarder | |
| Disk Health | |
| Port 5504 | |
| Port 6783 | |
| Port 8019 | |
| IIS Purpose | |
| Backup Status | |
| Storage Remaining | |