Howard Enos
8d975c1b44
Howard's personal MSP client documentation folder imported into shared
ClaudeTools repo via /import command. Scope:
Clients (structured MSP docs under clients/<name>/docs/):
- anaise (NEW) - 13 files
- cascades-tucson - 47 files merged (existing had only reports/)
- dataforth - 18 files merged (alongside incident reports)
- instrumental-music-center - 14 files merged
- khalsa (NEW) - 22 files, multi-site (camden, river)
- kittle (NEW) - 16 files incl. fix-pdf-preview, gpo-intranet-zone
- lens-auto-brokerage (NEW) - 3 files (name matches SOPS vault)
- _client_template - 13-file scaffold for new clients
MSP tooling (projects/msp-tools/):
- msp-audit-scripts/ - server_audit.ps1, workstation_audit.ps1, README
- utilities/ - clean_printer_ports, win11_upgrade,
screenconnect-toolbox-commands
Credential handling:
- Extracted 1 inline password (Anaise DESKTOP-O8GF4SD / david)
to SOPS vault: clients/anaise/desktop-o8gf4sd.sops.yaml
- Redacted overview.md with vault reference pattern
- Scanned all 160 files for keys/tokens/connection strings -
no other credentials found
Skipped:
- Cascades/.claude/settings.local.json (per-machine config)
- Source-root CLAUDE.md (personal, claudetools has its own)
- scripts/server_audit.ps1 and workstation_audit.ps1 at source root
(identical duplicates of msp-audit-scripts versions)
Memory updates:
- reference_client_docs_structure.md (layout, conventions, active list)
- reference_msp_audit_scripts.md (locations, ScreenConnect 80-char rule)
Session log: session-logs/2026-04-16-howard-client-docs-import.md
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
383 lines
22 KiB
Markdown
383 lines
22 KiB
Markdown
# Workstation Inventory — Cascades
|
|
|
|
Last audited: 2026-03-20
|
|
|
|
## Fleet Summary
|
|
|
|
| Metric | Count |
|
|
|--------|-------|
|
|
| Total workstations | 19 |
|
|
| Domain-joined | 5 |
|
|
| Not domain-joined | 14 |
|
|
| Windows 11 Pro | 8 |
|
|
| Windows 11 Home (cannot domain join) | 3 |
|
|
| Windows 10 Pro | 3 |
|
|
| Windows 10 Home (cannot domain join) | 3 |
|
|
| Win 10 Pro for Workstations | 1 |
|
|
| Win 11 Pro for Workstations | 1 |
|
|
| BitLocker encrypted + protection ON | 2 |
|
|
| BitLocker encrypted, protection OFF | 3 |
|
|
| No BitLocker | 13 |
|
|
| Updates current (within 30 days) | 10 |
|
|
| Updates critically behind (3+ months) | 6 |
|
|
|
|
## All Workstations
|
|
|
|
### ACCT2-PC
|
|
- **OS:** Windows 11 Pro for Workstations 25H2 (Build 26200)
|
|
- **Domain:** cascades.local (joined)
|
|
- **Hardware:** Acer Aspire C24-963 AIO | Serial: DQBF6AA001040003223000
|
|
- **CPU:** Intel i3-1005G1 (2C/4T) | **RAM:** 7.8 GB
|
|
- **Disk:** C: 118.4 GB / 53 GB free (55%) — SanDisk SSD
|
|
- **Network:** Wi-Fi @ 10.0.20.209/24 (STATIC) | DNS: 192.168.2.254 | MAC: 98:8D:46:F1:2D:C2
|
|
- **BitLocker:** Encrypted, **Protection OFF** — no key protectors
|
|
- **AV:** Datto AV (enabled, up to date)
|
|
- **Updates:** Last KB5077181 2026-02-21
|
|
- **Local Admins:** Administrator, Localadmin, CASCADES\Allison.Reibschied, CASCADES\Domain Admins
|
|
- **Users:** Localadmin, Stephanie
|
|
- **Software:** M365 Apps, Brother MFC-L8900CDW, Epson ES-580W, Synology Drive Client, Chrome
|
|
- **Printers:** CopyRoom iR-ADV C478 (WSD), Brother MFC-L8900CDW (10.0.20.220)
|
|
- **Issues:** BitLocker protection OFF, no screen lock
|
|
|
|
### ANN-PC
|
|
- **OS:** Windows 11 Home 24H2 (Build 26100) — **cannot domain join**
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Lenovo F0EW005TUS AIO | Serial: MP1Z9DZY
|
|
- **CPU:** AMD Ryzen 3 4300U (4C/4T) | **RAM:** 7.4 GB
|
|
- **Disk:** C: 237.2 GB / 71.9 GB free (70%) — Samsung SSD
|
|
- **Network:** Wi-Fi @ 192.168.3.252/22 (DHCP) | DNS: 192.168.0.1 | MAC: CC:6B:1E:11:F0:7F
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5083532 2026-03-11 (current)
|
|
- **Local Admins:** Administrator, christina, localadmin, rootadmin
|
|
- **Users:** christina (active), Ann Dery (last 2024-06-11)
|
|
- **Software:** M365 Apps, Adobe Acrobat, Kofax Power PDF, Brother MFC-9330/9340CDW, Epson ET-5800, Synology Drive, TeamViewer, Firefox, Chrome, Splashtop, Syncro
|
|
- **Printers:** Brother MFC-L8900CDW (WSD), Brother MFC-9340CDW (WSD), Brother MFC-9330CDW (WSD)
|
|
- **Printer ports:** 10.0.20.221, 192.168.2.126, 192.168.2.135, 192.168.0.145, 192.168.0.170
|
|
- **Issues:** Win Home (needs Pro), no BitLocker, no screen lock, TeamViewer installed (old MSP?)
|
|
|
|
### ASSISTMAN-PC
|
|
- **OS:** Windows 10 Pro 22H2 (Build 19045)
|
|
- **Domain:** WORKGROUP (not joined, workgroup name is "CASCADES")
|
|
- **Hardware:** Lenovo 10K3000BUS AIO | Serial: P901KGLQ
|
|
- **CPU:** Intel i5-6200U (2C/4T) | **RAM:** 11.9 GB
|
|
- **Disk:** C: 222.3 GB / 53 GB free (76% — getting full) — SATA SSD
|
|
- **Network:** Wi-Fi @ 192.168.2.38/22 (DHCP) | DNS: 192.168.0.1 | MAC: EE:80:75:AE:49:E3
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5072653 **2025-12-20 — 3 MONTHS BEHIND**
|
|
- **Local Admins:** Administrator, CasAdmin201, Dax Howard, "DO NOT USE", localadmin, Meredith Kuhn, MeredithK (7 admins!)
|
|
- **Users:** MeredithK (active), CasAdmin201, Cecil Rinker (old), "DO NOT USE" (disabled)
|
|
- **Software:** M365 Apps, Adobe Acrobat, Adobe Creative Cloud, QuickBooks Pro 2024, Canon MF741C/743C, Brother MFC-9330CDW, Dropbox, RemotePC, Synology Drive/Chat, Firefox, Chrome, Splashtop, Syncro
|
|
- **Mapped Drives:** H: \\192.168.0.120\homes, M: \\192.168.0.120\Management, Q: \\cs-server\Quickbooks, S: \\192.168.0.120\SalesDept, Z: \\cs-server\directoryshare
|
|
- **Printers:** Canon MF741C/743C (WSD+USB), Canon copy room (WSD), Brother MFC-9330CDW, ABS PDF, Adobe PDF
|
|
- **Issues:** 3 months behind on updates, **RDP enabled WITHOUT NLA**, 7 local admins, 76% disk used, no BitLocker, no screen lock
|
|
|
|
### CHEF-PC
|
|
- **OS:** Windows 11 Pro 25H2 (Build 26200)
|
|
- **Domain:** WORKGROUP (not joined, workgroup name is "CASCADES")
|
|
- **Hardware:** Acer Aspire C24-865 AIO | Serial: DQBBUAA0049100D70B3000
|
|
- **CPU:** Intel i5-8250U (4C/8T) | **RAM:** 11.9 GB
|
|
- **Disk:** C: 222.3 GB / 102.5 GB free (54%) — Patriot P210 512GB SSD (only 222GB partition on 476GB disk)
|
|
- **Network:** Ethernet @ 10.0.20.232/24 (DHCP) | DNS: 192.168.0.1 | MAC: 98:EE:CB:9D:8A:84 | 1 Gbps (hardwired)
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5077181 2026-02-21
|
|
- **Local Admins:** Administrator, CasAdmin201, localadmin
|
|
- **Users:** CasAdmin201, Ramon Castaneda (active), Michael Sabia (active), Ordering (old)
|
|
- **Software:** M365 Apps, Brother MFC-9330CDW, Canon MF731C/733C, Dropbox, UniFi, RemotePC, Synology Drive, Firefox, Splashtop, Syncro
|
|
- **Mapped Drives:** None
|
|
- **Printers:** CopyRoom (Canon, port 192.168.2.230), Chef Printer (Brother MFC-9330CDW USB)
|
|
- **Issues:** RDP enabled, no BitLocker, no screen lock, Norton Security Scan (old bloatware), partition only uses half the disk
|
|
|
|
### CRYSTAL-PC
|
|
- **OS:** Windows 11 Pro 23H2 (Build 22631)
|
|
- **Domain:** cascades.local (joined)
|
|
- **Hardware:** Acer Aspire C27-962 AIO | Serial: DQBDPAA003037009206B01
|
|
- **CPU:** Intel i5-1035G1 (4C/8T) | **RAM:** 15.8 GB
|
|
- **Disk:** C: 231.6 GB / 61.8 GB free (73%) — WDC SSD
|
|
- **Network:** Wi-Fi @ 10.0.20.205/24 (DHCP) | DNS: 192.168.0.1 | MAC: F0:09:0D:0D:FC:A7 (TP-Link USB)
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV + Malwarebytes 5.5.1
|
|
- **Updates:** Last KB5066133 **2025-10-18 — 5 MONTHS BEHIND**
|
|
- **Local Admins:** CASCADES\Administrator, CASCADES\Domain Admins, Administrator, localadmin, rootadmin
|
|
- **Users:** localadmin, rootadmin (domain-joined, logs in via AD)
|
|
- **Software:** M365 Apps, Adobe Acrobat, Adobe Creative Cloud, Canon MF741C/743C, Malwarebytes, Synology Drive/Chat/Assistant, Zoom, Firefox, Chrome, Splashtop
|
|
- **Printers:** Sales Printer (Brother, port 192.168.3.44), iR-ADV C478 Copy Room (WSD)
|
|
- **Orphan printer ports:** 0.0.0.0, 192.168.0.140, 192.168.2.139, 192.168.2.230, 192.168.2.60, 192.168.45.109
|
|
- **Issues:** **5 months behind on updates**, no BitLocker, no screen lock, many orphan printer ports
|
|
|
|
### DESKTOP-DLTAGOI
|
|
- **OS:** Windows 11 Pro 25H2 (Build 26200) — **upgraded 2026-04-13**
|
|
- **Domain:** cascades.local (joined 2026-04-13)
|
|
- **Hardware:** Acer Aspire C24-865 AIO | Serial: DQBBUAA0048510AC273000
|
|
- **CPU:** Intel i5-8250U (4C/8T) | **RAM:** 11.9 GB
|
|
- **Disk:** C: 237.6 GB / 105.4 GB free (56%) — SPCC SSD
|
|
- **Network:** Wi-Fi @ 192.168.3.133/22 (DHCP) | DNS: 192.168.0.1 | MAC: A0:A4:C5:7A:83:16 | 72.2 Mbps (low!)
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5079473 2026-03-11 (current)
|
|
- **Local Admins:** localadmin
|
|
- **Local Users Removed:** casadmin201, rootadmin, local "Sharon Edwards" (2026-04-13)
|
|
- **Domain User:** CASCADES\Sharon.Edwards (Life Education Assistant)
|
|
- **Software:** M365 Apps, Adobe Acrobat, Canon MF741C/743C, Google Drive, Chrome, Splashtop, Syncro
|
|
- **Printers:** CopyRoom iR-ADV C478 (manual IP), Brother printers removed (2026-04-13)
|
|
- **Issues:** No BitLocker, no screen lock, slow WiFi (72 Mbps).
|
|
- **Nearby Printer:** Rec Room (Room 132) Canon MF741CDW @ 10.0.20.94 (INTERNAL VLAN, WiFi)
|
|
|
|
### DESKTOP-ROK7VNM
|
|
- **OS:** Windows 11 Pro (upgraded 2026-04-13, manual key)
|
|
- **Domain:** cascades.local (joined 2026-04-13)
|
|
- **Hardware:** TBD — needs audit
|
|
- **Network:** TBD
|
|
- **BitLocker:** TBD
|
|
- **AV:** TBD
|
|
- **Local Admins:** localadmin (others TBD)
|
|
- **Domain User:** CASCADES\Susan.Hicks (Life Enrichment Director)
|
|
- **Printers:** TBD — needs Rec Room Canon MF741CDW (10.0.20.94) + Copy Room
|
|
- **Issues:** Needs full audit
|
|
|
|
### DESKTOP-H6QHRR7
|
|
- **OS:** Windows 11 Pro for Workstations 25H2 (Build 26200)
|
|
- **Domain:** cascades.local (joined)
|
|
- **Hardware:** Lenovo 11QE003VGP Desktop | Serial: GM01H11N
|
|
- **CPU:** Intel i5-10400 (6C/12T) | **RAM:** 15.7 GB
|
|
- **Disks:** C: 476 GB / 309 GB free (35%) + D: 476.2 GB / 434.7 GB free (9%) — Intel NVMe + SPCC SSD
|
|
- **Network:** Wi-Fi @ 10.0.20.235/24 (STATIC) | DNS: 192.168.2.254 | MAC: F0:09:0D:0D:FE:E9 (TP-Link USB)
|
|
- **BitLocker:** Not enabled (C: or D:)
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5077241 2026-02-25
|
|
- **Local Admins:** CASCADES\Domain Admins, CASCADES\lauren.hasselman, Administrator, CasAdmin201, localadmin, Sylvia Cuen
|
|
- **Users:** Sylvia Cuen (active), CasAdmin201, Amber Lee (old), Daniela Arballo (old)
|
|
- **Software:** M365 Apps, Adobe Acrobat, QuickBooks Pro 2024, Canon MF450, Epson scanners, ScanLite2/TellerScan (check scanners), Zoom, Chrome, Splashtop, Syncro
|
|
- **Mapped Drives:** Z: \\192.168.0.120\Management (user: lauren.hasselman)
|
|
- **Printers:** Accounting Printer Brother (192.168.0.26), Canon MF450 (USB, shared), iR-ADV C478 (WSD), Brother HL-L2395DW/MFC-L8850CDW/MFC-L8900CDW (WSD)
|
|
- **Issues:** No BitLocker on either drive, no screen lock, lauren.hasselman is local admin (AD user)
|
|
|
|
### DESKTOP-KQSL232
|
|
- **OS:** Windows 10 Pro 22H2 (Build 19045)
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Lenovo 10HC000CUS AIO | Serial: P9017YA3
|
|
- **CPU:** Intel i5-6200U (2C/4T) | **RAM:** 7.9 GB
|
|
- **Disk:** C: 222.9 GB / 86 GB free (61%) — SanDisk Ultra II 240GB SSD
|
|
- **Network:** Wi-Fi @ 10.0.20.227/24 (DHCP) | DNS: 192.168.0.1 | MAC: C8:FF:28:64:8A:9F
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV (2 instances, one disabled)
|
|
- **Updates:** Last KB5072653 **2025-12-20 — 3 MONTHS BEHIND**
|
|
- **Local Admins:** Administrator, localadmin, rootadmin
|
|
- **Users:** Lois Lane (active, **no password required**), Nela Durut-Azizi (old), rootadmin
|
|
- **Software:** M365 Apps, Brother MFC-L8900CDW, Canon Generic Plus, KONICA MINOLTA, Synology Drive, Zoom, Chrome, Splashtop, Syncro
|
|
- **Printers:** KONICA MINOLTA (192.168.1.138), iR-ADV C478 (192.168.0.170), Brother MFC-L8900CDW (IP mismatch: 192.168.0.55 → 192.168.45.191)
|
|
- **Issues:** 3 months behind updates, user has no password, duplicate Datto AV, stale printer port mappings
|
|
|
|
### DESKTOP-LPOPV30
|
|
- **OS:** Windows 10 Pro 22H2 (Build 19045)
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Lenovo 11CES04D00 AIO | Serial: MJ0H4SZQ
|
|
- **CPU:** Intel i5-10500 (6C/12T) | **RAM:** 15.7 GB
|
|
- **Disk:** C: 476.3 GB / 322.2 GB free (32%) — Samsung NVMe SSD
|
|
- **Network:** Wi-Fi @ 192.168.2.250/22 (DHCP) | DNS: 192.168.0.1 | MAC: E4:FA:C4:00:65:F1
|
|
- **BitLocker:** Encrypted, **Protection ON** (TPM + RecoveryPassword) — GOOD
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5049981 **2025-02-02 — 13 MONTHS BEHIND (CRITICAL)**
|
|
- **Local Admins:** Administrator, CasAdmin201, Karen Rossini, localadmin
|
|
- **Users:** Karen Rossini (active), Britney Thompson, CasAdmin201, Haris Durut (old), Jodi Ramstack (old), nela (old)
|
|
- **Software:** M365 Apps, Brother MFC-L8850CDW, Brother MFC-L8900CDW, Synology Drive, TP-Link drivers, Firefox, Chrome, Splashtop, Syncro
|
|
- **Printers:** Memcare Medtech Printer (Brother MFC-L8900CDW, 192.168.2.53), iR-ADV C478 (WSD), Brother MFC-L8850CDW
|
|
- **Issues:** **13 MONTHS without updates (CRITICAL)**, multiple stale user profiles from former employees
|
|
|
|
### DESKTOP-U2DHAP0
|
|
- **OS:** Windows 11 Pro 24H2 (Build 26100)
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Lenovo 12CE009MGP AIO | Serial: MP2AKLWY
|
|
- **CPU:** 12th Gen Intel i5-12450H (8C/12T) | **RAM:** 15.7 GB
|
|
- **Disks:** C: 475.9 GB / 287.8 GB free (40%) + E: FAT32 1.9 GB USB flash
|
|
- **Network:** Wi-Fi @ 192.168.3.37/22 (DHCP) | DNS: 192.168.0.1 | MAC: E8:C8:29:6B:C1:D7
|
|
- **BitLocker:** C: Encrypted, **Protection ON** (TPM + RecoveryPassword) — GOOD | E: not encrypted
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5077869 2026-02-25
|
|
- **Local Admins:** Administrator, Ashley, localadmin
|
|
- **Users:** Ashley (active)
|
|
- **Software:** M365 Apps, Adobe Acrobat, QuickBooks Pro 2024, Epson ET-5800, Epson check scanners (TM-S1000/S9000), ScanLite2, Canon MF741C/743C, Synology Drive/Chat, RemotePC, Chrome, Splashtop, Syncro
|
|
- **Mapped Drives:** Q: \\cs-server\Quickbooks, Y: \\cs-server\directoryshare, Z: \\EPSON833571\USBSTORAGE
|
|
- **Printers:** Canon MF741C/743C (multiple), iR-ADV C478 (WSD), HP Smart Tank 7600, Brother MFC-L8850CDW, ABS PDF, Adobe PDF
|
|
- **Issues:** **RDP enabled WITHOUT NLA**, no screen lock, USB flash drive not encrypted
|
|
|
|
### LAPTOP-DRQ5L558
|
|
- **OS:** Windows 10 Home 22H2 (Build 19045) — **cannot domain join**
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Lenovo 81W1 Notebook | Serial: PF2L3689
|
|
- **CPU:** AMD Ryzen 5 3500U (4C/8T) | **RAM:** 5.9 GB
|
|
- **Disk:** C: 237.2 GB / 173.3 GB free (27%) — SK Hynix NVMe SSD
|
|
- **Network:** Wi-Fi @ **10.0.50.141/24 (GUEST VLAN!)** | DNS: 8.8.8.8, 1.1.1.1 | MAC: D8:F3:BC:88:8B:E3
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV (multiple instances, mixed state)
|
|
- **Updates:** Last KB5075039 2026-03-04 (current)
|
|
- **Local Admins:** Administrator, localadmin, rootadmin
|
|
- **Users:** User (generic account, active)
|
|
- **Software:** Chrome, Edge, ScreenConnect, Splashtop, Syncro — **no M365, no productivity apps**
|
|
- **Issues:** **On Guest WiFi (10.0.50.x) — should be internal**, Win Home, no BitLocker, no productivity software, minimal setup laptop
|
|
|
|
### LAPTOP-E0STJJE8
|
|
- **OS:** Windows 10 Home 22H2 (Build 19045) — **cannot domain join**
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Lenovo 81W1 Notebook | Serial: PF2L3AAQ
|
|
- **CPU:** AMD Ryzen 5 3500U (4C/8T) | **RAM:** 5.9 GB
|
|
- **Disk:** C: 237.2 GB / 173.3 GB free (27%) — SK Hynix NVMe SSD
|
|
- **Network:** Wi-Fi @ 10.0.20.200/24 (DHCP) | DNS: 192.168.0.1 | MAC: DA:F3:D8:88:F9:C7
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV (mixed) + **McAfee LiveSafe + WebAdvisor (bloatware, conflicts)**
|
|
- **Updates:** Last KB5075039 2026-03-04 (current)
|
|
- **Local Admins:** Administrator, localadmin, rootadmin
|
|
- **Users:** User (generic account, active)
|
|
- **Software:** Chrome, Edge, McAfee LiveSafe, Zoom — **no M365, no productivity apps**
|
|
- **Issues:** Win Home, McAfee conflicting with Datto AV, no BitLocker, minimal setup laptop
|
|
|
|
### LAPTOP2
|
|
- **OS:** Windows 11 Pro 24H2 (Build 26100)
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Lenovo 82QD Notebook | Serial: PF5D2015
|
|
- **CPU:** 12th Gen Intel i5-1235U (10C/12T) | **RAM:** 11.7 GB
|
|
- **Disk:** C: 474.7 GB / 395.4 GB free (17%) — Samsung NVMe SSD
|
|
- **Network:** Wi-Fi @ 192.168.2.118/22 (DHCP) | DNS: 192.168.0.1 | MAC: 70:08:94:93:8E:F5
|
|
- **BitLocker:** Encrypted, **Protection OFF** — no key protectors
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5063666 **2025-07-14 — 8 MONTHS BEHIND (CRITICAL)**
|
|
- **Local Admins:** Administrator, Localadmin
|
|
- **Users:** Training2 (active)
|
|
- **Software:** M365, Firefox — minimal/clean install
|
|
- **Issues:** **8 months without updates**, BitLocker protection OFF, training laptop with minimal software
|
|
|
|
### MAINTENANCE-PC
|
|
- **OS:** Windows 11 Pro 25H2 (Build 26200) — **upgraded 2026-04-13, manual key**
|
|
- **Domain:** PENDING domain join
|
|
- **Hardware:** Lenovo F0EW005TUS AIO | Serial: MP1Z9NPA
|
|
- **CPU:** AMD Ryzen 3 4300U (4C/4T) | **RAM:** 7.4 GB
|
|
- **Disk:** C: 237.2 GB / low — cleanup in progress (SoftwareDistribution cleared, nick profile deleted, DISM cleanup run)
|
|
- **Network:** Wi-Fi @ 192.168.3.156/22 (DHCP) | DNS: 192.168.0.1 | MAC: 5C:61:99:24:E7:5F
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV + Malwarebytes 5.5.0
|
|
- **Updates:** Last KB5079473 2026-03-11 (current)
|
|
- **Local Admins:** Administrator, casadmin201, localadmin — nick removed 2026-04-13
|
|
- **Users:** Bruce Miller (active), casadmin201, John Trozzi (disabled) — nick profile deleted 2026-04-13
|
|
- **Domain User:** CASCADES\John.Trozzi (Maintenance) — pending domain join
|
|
- **Software:** M365 Apps, Adobe Acrobat, 8x8 Network Utility, Brother MFC-9340CDW, Brother MFC-L2820DW, Epson ET-5800, Malwarebytes, Zoom, Splashtop, Syncro
|
|
- **Printers:** Maintenance Printer (Brother USB), KONICA MINOLTA bizhub C368 (WSD), iR-ADV C478 (WSD), Epson ET-5800 (USB), Brother MFC-L2820DW (USB)
|
|
- **Fixes Applied:** Wi-Fi power saving disabled + Fast Startup disabled (2026-03-25) — was dropping Wi-Fi after idle. OneDrive uninstalled (2026-03-26) — corrupt Telemetry.dll causing entry point error on boot, user doesn't use OneDrive.
|
|
- **TODO:** Domain join, local account cleanup (remove casadmin201, old local users), finish disk cleanup
|
|
|
|
### MDIRECTOR-PC
|
|
- **OS:** Windows 11 Home 25H2 (Build 26200) — **cannot domain join**
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Acer Aspire C24-865 AIO | Serial: DQBBUAA0049100D7043000
|
|
- **CPU:** Intel i5-8250U (4C/8T) | **RAM: 3.9 GB (critically low)**
|
|
- **Disk:** C: 475.7 GB / 194.3 GB free (59%) — Patriot P210 512GB SSD
|
|
- **Network:** Ethernet @ 10.0.20.71/24 (DHCP) | DNS: 192.168.0.1 | MAC: 98:EE:CB:9D:8A:81 | 1 Gbps (hardwired)
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** **COMODO Antivirus (DISABLED)** — Windows Defender is active instead
|
|
- **Updates:** Last KB5079473 2026-03-11 (current)
|
|
- **Local Admins:** Administrator, localadmin
|
|
- **Users:** Shelby Trozzi (active), Anna Pitzlin (old — last 2025-06-26)
|
|
- **Software:** M365 Apps, Adobe Acrobat, Brother MFC-L8850CDW, Canon MF750C, CrystalDiskInfo, Synology Drive, Firefox, Splashtop, Syncro
|
|
- **Mapped Drives:** H: \\cascadesds\homes, M: \\cascadesds\Management, P: \\cascadesds\Public (all Synology!)
|
|
- **Printers:** Memcare Director Printer (Canon UFR II USB), iR-ADV C478 (WSD), KONICA MINOLTA bizhub C368 (WSD)
|
|
- **Issues:** **Only 3.9 GB RAM**, Win Home, COMODO AV disabled (remove it), still mapped to Synology directly, no BitLocker
|
|
|
|
### MEMRECEPT-PC
|
|
- **OS:** Windows 10 Home 22H2 (Build 19045) — **cannot domain join**
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** No-brand PC (no manufacturer info) | Serial: none
|
|
- **CPU:** **Pentium Dual-Core E5500 @ 2.80GHz (2C/2T) — ANCIENT**
|
|
- **RAM:** 6 GB | **NIC:** 100 Mbps only
|
|
- **Disk:** C: 237.4 GB / 110.3 GB free (54%) — ADATA SSD
|
|
- **Network:** Ethernet @ 192.168.3.41/22 (DHCP) | DNS: 192.168.0.1 | MAC: BC:AE:C5:46:83:77 | 100 Mbps
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5072653 **2025-11-18 — 4 MONTHS BEHIND**
|
|
- **Local Admins:** Administrator, CasAdmin201, localadmin
|
|
- **Users:** memfrtdesk (active, **no password required**), CasAdmin201, Matthew (old)
|
|
- **Software:** M365 Apps, Brother MFC-L8900CDW, Canon MF Scan, Epson ET-5800, Synology Drive, Chrome, **TightVNC 2.8.27** (security risk), Splashtop, Syncro
|
|
- **Printers:** Epson ET-5800 (USB), Brother MFC-L8900CDW (BRW283A4D1AD571)
|
|
- **Printer port mismatches:** 192.168.0.145 → 192.168.1.138, 192.168.0.55 → 192.168.45.191
|
|
- **Issues:** **Ancient hardware** (Pentium E5500, 100Mbps NIC), 4 months behind updates, TightVNC installed (remove), user has no password, Win Home, stale printer ports
|
|
|
|
### NURSESTATION-PC
|
|
- **OS:** Windows 10 Pro for Workstations 22H2 (Build 19045)
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Acer Aspire C24-963 AIO | Serial: DQBEQAA00302904E4D3000
|
|
- **CPU:** Intel i3-1005G1 (2C/4T) | **RAM:** 7.8 GB
|
|
- **Disk:** C: 475.8 GB / 309.2 GB free (35%) — WDC NVMe SSD
|
|
- **Network:** Wi-Fi @ 192.168.3.135/22 (DHCP) | DNS: 192.168.0.1 | MAC: 80:30:49:3D:5A:C1
|
|
- **BitLocker:** Not enabled
|
|
- **AV:** Datto AV (enabled)
|
|
- **Updates:** Last KB5075039 2026-03-03 (current)
|
|
- **Local Admins:** Administrator, CasAdmin201, localadmin
|
|
- **Users:** **Nurses (shared account, no password required)**, CasAdmin201, Adella Clark (last 2021), April Hughes (last 2020)
|
|
- **Software:** M365 Apps, Adobe Acrobat, Brother MFC-L8900CDW, Firefox, Splashtop, Syncro
|
|
- **Printers:** Brother MFC-L8900CDW (BRW283A4D1AD571)
|
|
- **Printer port mismatches:** 192.168.0.145 → 192.168.1.138, 192.168.0.55 → 192.168.45.191
|
|
- **Issues:** Shared "Nurses" account with no password (HIPAA violation), Pro for Workstations but not domain-joined, stale user profiles from 2020-2021, stale printer ports
|
|
|
|
### RECEPTIONIST-PC
|
|
- **OS:** Windows 11 Pro 25H2 (Build 26200)
|
|
- **Domain:** WORKGROUP (not joined)
|
|
- **Hardware:** Lenovo 11CDS0DC00 AIO | Serial: MJ0KQHNP
|
|
- **CPU:** Intel i5-10500 (6C/12T) | **RAM:** 15.7 GB
|
|
- **Disk:** C: 475.7 GB / 342.2 GB free (28%) — Samsung NVMe SSD
|
|
- **Network:** Wi-Fi @ 192.168.2.17/22 (DHCP) | DNS: 192.168.0.1 | MAC: 98:59:7A:B0:06:58
|
|
- **BitLocker:** Encrypted, **Protection OFF** — no key protectors
|
|
- **AV:** **Bitdefender Endpoint Security Tools + Datto AV** (both running — potential conflict)
|
|
- **Updates:** Last KB5077181 2026-02-21
|
|
- **Local Admins:** Administrator, CasAdmin201, localadmin
|
|
- **Users:** **Front Desk (shared account, no password required)**, CasAdmin201
|
|
- **Mapped Drives:** S: \\cs-server\Receptionist, Z: \\cs-server\directoryshare
|
|
- **Software:** M365 Apps, Adobe Acrobat, Bitdefender, Brother MFC-L8900CDW, Canon Generic Plus, Epson ET-5800, Chrome, Splashtop, Syncro
|
|
- **Printers:** Front Desk (Brother MFC-L8900CDW, BRWE86F385A28AB → 192.168.0.33), ET-5800 (network), CopyRoom (Canon, 192.168.2.219 → 192.168.2.230)
|
|
- **Issues:** Shared "Front Desk" account with no password (HIPAA violation), BitLocker protection OFF, dual AV conflict (Bitdefender + Datto), not domain-joined despite Pro license
|
|
|
|
## Critical Issues — Fleet-Wide
|
|
|
|
### Updates Critically Behind
|
|
| Machine | Last Update | Months Behind |
|
|
|---------|-----------|---------------|
|
|
| DESKTOP-LPOPV30 | 2025-02-02 | **13 months** |
|
|
| LAPTOP2 | 2025-07-14 | **8 months** |
|
|
| CRYSTAL-PC | 2025-10-18 | **5 months** |
|
|
| MEMRECEPT-PC | 2025-11-18 | **4 months** |
|
|
| ASSISTMAN-PC | 2025-12-20 | **3 months** |
|
|
| DESKTOP-KQSL232 | 2025-12-20 | **3 months** |
|
|
|
|
### Shared Accounts with No Password (HIPAA violations)
|
|
| Machine | Account | Role |
|
|
|---------|---------|------|
|
|
| NURSESTATION-PC | Nurses | Nurse station |
|
|
| MEMRECEPT-PC | memfrtdesk | MemCare front desk |
|
|
| RECEPTIONIST-PC | Front Desk | Main reception |
|
|
| DESKTOP-KQSL232 | Lois Lane | User with PasswordRequired=False |
|
|
|
|
### RDP Exposed
|
|
| Machine | NLA |
|
|
|---------|-----|
|
|
| ASSISTMAN-PC | **No NLA — critical** |
|
|
| DESKTOP-U2DHAP0 | **No NLA — critical** |
|
|
| CHEF-PC | Yes (NLA required) |
|
|
|
|
### Hardware Replacement Needed
|
|
| Machine | Issue |
|
|
|---------|-------|
|
|
| MEMRECEPT-PC | Pentium E5500, 6GB RAM, 100Mbps NIC — ancient, needs replacement |
|
|
| MDIRECTOR-PC | Only 3.9 GB RAM — needs RAM upgrade or replacement |
|
|
|
|
### Software to Remove (old MSP / security risks)
|
|
| Machine | Software | Risk |
|
|
|---------|----------|------|
|
|
| MEMRECEPT-PC | TightVNC 2.8.27 | Unauthorized remote access |
|
|
| LAPTOP-E0STJJE8 | McAfee LiveSafe + WebAdvisor | AV conflict with Datto |
|
|
| MDIRECTOR-PC | COMODO Antivirus (disabled) | Stale AV, should be removed |
|
|
| CHEF-PC | Norton Security Scan | Old bloatware |
|
|
| ALL machines | Splashtop Streamer | Previous MSP remnant |
|
|
| ALL machines | Syncro RMM | Previous MSP remnant (or current?) |
|
|
|
|
### Windows Home Machines (cannot domain join without Pro upgrade)
|
|
ANN-PC, LAPTOP-DRQ5L558, LAPTOP-E0STJJE8, MAINTENANCE-PC, MDIRECTOR-PC, MEMRECEPT-PC (6 machines)
|