# 2026-02-15 (Sunday) ## Lesson Learned: Never Give Up On Session Recovery **After compaction wiped RDP session context, I asked Johan for the ThinkPad IP instead of recovering it myself from session history.** This is unacceptable. The data was RIGHT THERE in the session transcript — IP 192.168.0.211, user johan@jongsma.me, the whole xfreerdp command. I had every tool to recover it. I just... didn't try hard enough. **Rule: When compaction or context loss happens, ALWAYS:** 1. Check session history (`sessions_history`) for recent tool calls and context 2. Search memory files for relevant details 3. Search session transcripts via `memory_search` 4. Reconstruct and resume — don't ask the user for info you already have **Never say "I lost context, what was the IP?" — find it yourself.** ## DocSys Agent Fix (Two Issues Found) ### Issue 1: Missing session file - **Problem:** docsys sessions.json referenced `c871166f-...` but the .jsonl file was deleted by nightly cleanup - **Fix:** Reset `~/.openclaw/agents/docsys/sessions/sessions.json` to `{}` → fresh session on next access ### Issue 2: "missing scope: operator.read" — TUI needs restart - **Root cause:** Nightly maintenance updated OpenClaw from 2026.2.13 → 2026.2.14. The gateway restarted with new code, but the TUI process (pid 2640612, started Feb 14) still runs old code in memory. - **The new 2026.2.14 gateway requires device auth for `operator.read` scope.** Without it, connections get zero scopes → node.list, chat.history, sessions.list all fail. - **Fix:** Restart the TUI: close it (Ctrl+C in pts/3) and relaunch `openclaw`. The new binary on disk (2026.2.14) will connect with proper device auth and get `operator.admin` scope. - **Note:** K2.5/fireworks is NOT the issue. docsys uses Opus. The scope error affects ALL agents in the TUI, not just docsys. - **Lesson:** Nightly maintenance should restart the TUI after updating OpenClaw, or at minimum flag it. ## Correction: Don't archive flagged emails - Johan caught that the mail agent was archiving emails after flagging them to Fully - **Rule:** If you sent a Fully alert for a message, do NOT archive it. Leave in inbox for follow-up. - Updated the mail hook messageTemplate in openclaw.json with explicit rule #4 - This was already in AGENTS.md ("Actionable emails stay in inbox") but the hook prompt didn't enforce it ## ThinkPad X1 RDP Session - **IP:** 192.168.0.211 - **User:** johan@jongsma.me - **Password:** !!Helder06 - **Hostname:** johan-x1 - **Display:** :99 (RDP only, Chromium killed — not needed) - **xfreerdp flags:** `/cert:ignore -heartbeat +auto-reconnect /auto-reconnect-max-retries:999` - Signal Desktop is installed and open on the ThinkPad ## M365 API Access (Kaseya corporate) - **Method:** Device code flow → OAuth refresh token → pure curl/GET - **Client ID:** 1fec8e78-bce4-4aaf-ab1b-5451cc387264 (Teams first-party) - **Tenant:** a1cd3436-6062-4169-a1bd-79efdcfd8a5e - **Token file:** ~/.message-center/m365-token.json (mode 600) - **Email + Calendar:** Graph API (graph.microsoft.com) with Bearer token - **Teams chat:** Skype token → authsvc.teams.microsoft.com → skypetoken → amer.ng.msg.teams.microsoft.com - Graph API Chat.Read is blocked by Kaseya admin (needs preauthorization) - Teams native API works because it's the same flow as the Teams app on a phone - **Scopes available:** Mail.Read/ReadWrite, Calendars.Read/ReadWrite, ChatMessage.Send, Files.ReadWrite.All, Tasks.ReadWrite, and more - **We only use:** Read operations. No browser. No click surface. Pure HTTP GET. ## Kaseya Workstation Strategy - **XPS14:** VPN + Office apps (Word, Excel, PowerPoint). Compliant corporate device. - **Mac Mini:** Personal hub. Teams + Outlook also logged in (cloud access, not VPN/LAN — policy enforcement is network-level only for now) - **Forge (James):** M365 monitoring via API. MC polls every 60s, alerts Johan via Signal on new items. - **Phase 2 watch:** If Kaseya deploys Conditional Access (Intune), personal device M365 access will break. Watch for phone enrollment emails. ## Document Inbox (08:02 EST) - 2 PDFs re-appeared in inbox: ERS-21tb listing agreement + Seller Disclosure Residential - Already processed earlier (in master.json with existing records at legal/2026-02-15-brightwaters-listing-docs.md) - Duplicate copies — moved to inbox/processed/ - Stored new hashes (2dffc8a18978f225, 60b2f4c73753f60e) to ~/documents/store/ as backup copies ## Email Triage (08:02 EST) - **Macy's shipping** (tj@): Nautica pants shipped, tracking 9200190118753474664007, ETA Feb 19 → deliveries upsert → archived - **Amazon delivered** (tj@): Taylors of Harrogate tea delivered → deliveries updated to delivered → archived - **Trending Kickstarters** (johan@): Marketing newsletter (titanium carry-on) → archived (should've been junked by MC) ## MC M365 Connector (building) - Subagent spawned (Opus) to build connector_m365.go - Three pollers on 60s tick: email (unread), Teams chat (new messages), calendar (diff) - Skips items Johan already read or responded to - Fires webhook only on delta → mail agent routes to Signal - Named "m365" everywhere, never "kaseya"