claudetools/wiki/clients/wolkin.md

---
type: client
name: wolkin
display_name: Wolkin Law
last_compiled: 2026-06-11
compiled_by: GURU-5070/claude-main
aliases: [wolkin-law, rswolkin, robert-wolkin, "Wolkin, Robert"]
sources:
  - clients/wolkin/session-logs/2026-06-05-julie-guda-provisioning.md
  - clients/wolkin/session-logs/2026-06-06-mike-gemini-install-rmm-diagnostic-tailscale-planning.md
  - clients/wolkin/session-logs/2026-06-07-mike-zerotier-setup.md
  - clients/wolkin/session-logs/2026-06-07-mike-wolkin-remote-access-printer.md
  - clients/wolkin/session-logs/2026-06-07-mike-wolkin-clientfiles-printshare.md
  - clients/wolkin/session-logs/2026-06-08-mike-wolkin-clientfiles-consolidation.md
  - clients/wolkin/onboarding-baselines/FRONT-20260606T133142.md
backlinks: []
---

# Wolkin Law

> **CANONICAL ARTICLE.** This one client was previously fragmented across four slugs —
> `wolkin`, `wolkin-law`, `rswolkin`, `robert-wolkin` (RMM client name: `Wolkin, Robert`;
> M365 tenant `rswolkin.com`). Consolidated here 2026-06-11; the other client dirs and wiki
> articles are now pointer stubs. Always use slug **`wolkin`**.

## Profile
- **Contract type:** (verify — check Syncro)
- **Key contacts:**
  - Robert (Bob) Wolkin - Owner/Attorney - robert@rswolkin.com
  - Julie - Employee/Assistant (remote worker) - julie@rswolkin.com
- **Billing rate:** (verify — check Syncro)
- **Hours remaining (if prepaid):** (verify — check Syncro)
- **Active ticket:** Syncro #32369 - Remote Work Access Setup (https://computerguru.syncromsp.com/tickets/112000321)

## Infrastructure

### Servers & Services

| System | Role | ZeroTier IP | LAN IP | GuruRMM Status | Notes |
|--------|------|-------------|--------|----------------|-------|
| FRONT | Office PC / print + file server | 10.147.19.199 | 192.168.1.153 | Enrolled | Hosts SMB shares (canonical `C:\Shared Data\CLIENT FILES`), Sharp printer; VSS shadow copies on C: |
| RSW-Laptop | Julie's remote laptop | 10.147.19.54 | N/A | Enrolled | Windows remote worker |
| DESKTOP-V1JT1SE | Bob's personal desktop | (not recorded) | (not recorded) | Enrolled | Owner's workstation |

**Total Assets:** (verify — check Syncro)

### GuruRMM

- **Client name:** `Wolkin, Robert` · **Site:** `Main` · **Site ID:** `2bb05f85-9fc8-4a7e-a5e5-ffe0c46431ac`
- **Enrolled agents** (Windows 11 Home; resolve live — UUIDs change on re-enroll):

| Hostname | Agent ID | Scope |
|---|---|---|
| **front** (office PC / print + file server) | `877d311a-4b24-462c-97b1-d2a0f7730a71` | in scope |
| **RSW-Laptop** (Julie's remote laptop) | `043fd673-35a2-4d3d-8f91-ed73ce70cc1e` | in scope |
| DESKTOP-V1JT1SE (Bob's personal desktop) | `30f6af79-ab19-4ed3-9ebc-71b2bffc2d27` | **out of scope** (personal) |

> [WARNING] The retired `wolkin-law.md` article listed FRONT's agent id as
> `04765560-3e8a-46e5-a507-c5f5f4ead6eb` — that is **Rednour's FrontDeskReception**, a
> cross-client error. FRONT (Wolkin) is `877d311a-…`.

### Email & Identity
- **M365 Tenant:** rswolkin.com (tenant ID `ceb6dbe7-82c8-4d8f-9c6b-49aa26208e9b` — from prior article, verify)
- **Licensed Users:**
  - robert@rswolkin.com (primary)
  - julie@rswolkin.com (assistant - has FullAccess delegation to robert@'s mailbox)
- **Mailbox Delegation:** Julie has FullAccess permissions to Robert's mailbox (configured 2026-06-07)

### Network
- **Office LAN:** 192.168.1.0/24 (corrected 2026-06-07 — the earlier 172.17.110.x was wrong; the 172.17.110.110 "RICOH" port was an orphan with no device)
- **ZeroTier VPN Network:** 17d709436c834c9b (mesh topology, connects remote workers to office)
- **Printer:** Sharp MX-B557F (driver "Sharp Universal v2 XL") at 192.168.1.158, raw TCP 9100. Shared as `\\front\Sharp`. (FRONT was moved from a flaky WSD port to a Standard TCP/IP 9100 port.)

**SMB Shares on FRONT (LAN `\\front\` or ZeroTier `\\10.147.19.199\`):**
- `\\front\ClientFiles` → `C:\Shared Data\CLIENT FILES` (canonical 413-matter repo; corrected 2026-06-08, share ACL Authenticated Users, `front\julie` NTFS Modify)
- `\\front\Forms` → `C:\Users\Owner\OneDrive\Desktop\Forms`
- `\\front\Pleadings` → `C:\Users\Owner\OneDrive\Desktop\Pleading Forms and Filing`
- `\\front\Scans` → `C:\Scans`
- `\\front\Sharp` → Sharp MX-B557F print share

## Access
- **FRONT\julie** (local Windows acct on both FRONT and RSW-Laptop; used for laptop→FRONT SMB/print auth): vault **`clients/wolkin/front-julie.sops.yaml`** (vaulted 2026-06-11).
- **M365 users** (robert@ / julie@ rswolkin.com): vault **`clients/wolkin/m365-users.sops.yaml`** (vaulted 2026-06-11; previously plaintext in the retired wolkin-law.md).
- **RDP/SSH:** None configured. **ScreenConnect:** used for hands-on (the GuruRMM agent cannot set local passwords — see Patterns).
- **VPN:** ZeroTier mesh `17d709436c834c9b` (10.147.19.0/24) — front 10.147.19.199, RSW-Laptop 10.147.19.54. `front` resolves via a hosts entry on the laptop (`10.147.19.199 FRONT`).
- **Vault path:** `clients/wolkin/`

## Patterns & Known Issues
- **macOS Syncro JSON parsing:** Syncro customer lookup from Mac failed due to JSON parsing issues (2026-06-07). Use Windows PC for Syncro API operations or manual web portal lookups.
- **ZeroTier print RPC needs Private profile:** File-and-Printer-Sharing inbound rules (incl. Print Spooler RPC) apply to the Private profile only. The ZeroTier interface was Public on both FRONT and RSW-Laptop, which blocked print/RPC over ZT while file SMB still worked. Fix: set the ZT interface Private on both ends. (Confirmed still Private both ends 2026-06-11.)
- **[KNOWN WALL] RSW-Laptop SMB to FRONT fails `net use`/`net view` with error 67 / RPC 1702 — scripted connection does NOT work; connect interactively.** First hit 2026-06-07, again 2026-06-11. Symptom: `net use \\FRONT\IPC$` (and by IP `\\10.147.19.199\IPC$`) → **System error 67 "network name cannot be found"**, `net view \\FRONT` → **1702 "binding handle invalid"** — even though everything underneath is healthy: ZeroTier up, name resolves, **TCP 445/139 open**, MTU 2800 carries full DF packets, FRONT spooler running + `Sharp` shared + profile Private + SMB-In allowed, laptop ZT adapter bindings (`ms_msclient`/`ms_server`) all present, and **error 67 persists even with valid `FRONT\julie` creds** (so it is NOT auth, NOT firewall, NOT MTU, NOT bindings, NOT profile). The scripted `Add-Printer -ConnectionName \\FRONT\Sharp` also throws error 67. **What works: a hands-on interactive connection via ScreenConnect as Julie** (how Mike cleared it 2026-06-07). Root cause of the redirector quirk over ZeroTier is still unidentified; do NOT burn hours re-deriving the plumbing — it is all verified clean. Diagnostic tip: `Get-NetAdapterBinding -Name "ZeroTier One [..]"` returns empty because the `[ ]` in the adapter name are treated as wildcards — query by `-InterfaceDescription "ZeroTier Virtual Port"` or pipe the adapter object.
- **Canonical data is local, not OneDrive:** the firm's repository is `C:\Shared Data\CLIENT FILES` on FRONT (local). OneDrive copies under `OneDrive\Documents` / `OneDrive\Shared Data` were stale predecessors from a defunct Resilio/ownCloud sync setup — consolidated and removed 2026-06-08. Win11 Home does not surface the Explorer "Previous Versions" tab; VSS restores are admin-side (mount the shadow volume).

## Active Work
- **Ticket #32369** (2026-06-07): Remote work setup for Julie
  - [x] ZeroTier VPN mesh configured (3 machines enrolled)
  - [x] SMB file shares mapped and tested
  - [x] M365 mailbox delegation (Julie → Robert FullAccess)
  - [x] Printer access via ZeroTier (Sharp `\\front\Sharp` over ZT; ZT set Private both ends; FRONT moved to TCP/IP 9100)
  - [x] ClientFiles share repointed to canonical `C:\Shared Data\CLIENT FILES` + data consolidated + VSS enabled (2026-06-08)
- **Open follow-ups:**
  - [ ] **RSW-Laptop printer broken again (2026-06-11):** Julie reports "no printers." `\\front\Sharp` is mapped but the SMB session to FRONT fails (error 67 — see Patterns). Plumbing verified clean; needs a **ScreenConnect/interactive reconnect** as Julie (scripted won't work). Consider rotating `front\julie` afterward (its password transited the RMM command log during diagnosis).
  - [x] **Migrate `front\julie` + M365 creds to vault** — DONE 2026-06-11 (`clients/wolkin/front-julie.sops.yaml`, `clients/wolkin/m365-users.sops.yaml`).
  - [x] **Consolidate the four Wolkin slugs** — DONE 2026-06-11 (canonical `wolkin`; wolkin-law/rswolkin/robert-wolkin stubbed).
  - [ ] Bob to file the 67 loose docs in `CLIENT FILES\Closed Files\_From OneDrive Documents`.

## History Highlights
- **2026-06-11:** Printer re-reported down (Julie "no printers"). Full re-diagnosis via RMM: confirmed the error-67 SMB wall (see Patterns) — plumbing all clean, needs interactive fix. **Data-hygiene remediation:** consolidated the four fragmented client slugs into canonical `wolkin`; moved all scattered logs/baselines into `clients/wolkin/`; vaulted `front\julie` + the M365 user passwords (which had been sitting plaintext in the wiki / only in session logs); corrected the cross-client FRONT agent-id error; captured the error-67 gotcha as a memory.
- **2026-06-08:** ClientFiles corrected to the real local repo + full consolidation + VSS
  - Repointed `\\front\ClientFiles` to canonical `C:\Shared Data\CLIENT FILES` (413 matters); tightened share ACL; `front\julie` NTFS Modify
  - Added Client Files desktop icons on FRONT (local) and Bob's DESKTOP-V1JT1SE (UNC)
  - Enabled VSS shadow copies on C: (90 GB, baseline + 07:00/12:00 schedule)
  - Consolidated stale OneDrive copies into canonical (deleted superseded copy; merged 687 unique + 13 closed matters; quarantined 67 loose files to `Closed Files\_From OneDrive Documents`); killed defunct Resilio/ownCloud sync cruft
- **2026-06-07:** Client Files share + Sharp print share over ZeroTier
  - Corrected the print path (Sharp MX-B557F @ 192.168.1.158:9100); set ZeroTier Private both ends; office LAN corrected to 192.168.1.0/24
- **2026-06-07:** Initial remote work infrastructure setup
  - Deployed GuruRMM agents to 3 machines (FRONT, RSW-Laptop, DESKTOP-V1JT1SE)
  - Configured ZeroTier mesh VPN (network 17d709436c834c9b)
  - Set up M365 mailbox delegation (Julie → Robert)
  - Created local FRONT\julie account for SMB access

## Backlinks
*(None yet - will populate as other articles reference Wolkin Law)*