My latest project, mstodo-mcp-cloudflare, is now public. It‘s a Cloudflare Worker that connects Claude.ai to your Microsoft To Do account over MCP. You can ask Claude to find, create, update, complete, and search tasks across all your lists in plain language without leaving the conversation. Open source, MIT licensed, and runs on the Cloudflare free tier for single-user installs with a normal task count, with great performance for Paid Worker tier if you need it. Allows for sub-list item control, multi-attachment deduplicated uploads, and custom linked items by content (define a ticket number regex and the system adds a related ticket link for tasks mentioning a ticket number, configurable via MCP conversation).

This follows the Obsidian MCP and link resolver Workers I released two days ago, using the same core pattern: Cloudflare Worker, Durable Object for stateful storage, OAuth for access control, all serverless and scaling to zero.

Why I built it​

I rely on Microsoft To Do for task management across all my devices. My Day resets every night, the sync is solid everywhere I work, and Outlook flagging integration sounded cool, but I abuse flags to the point of useless in a task app so I turned them off in To Do :-) (Don't worry, it still works here.)

I have more lists than most people would consider reasonable. Task lists, reference lists, and project-specific lists. That spread is both the strength and the weak point of the setup. Finding something across all of them required either opening To Do directly and searching, or remembering which list it was in.

The thing I wanted was conversational access to the whole picture. Not an AI embedded inside a task app behind whatever narrow interface the vendor provides, but an AI that could reach into the task app from a conversation, query across all the lists at once, and create tasks with context from whatever I was already discussing.

Before building this, I looked at what already existed. n8n is powerful, I use it a lot, it has Microsoft Graph integration (even with To Do directly!) and can wire up MCP-style operations for AI clients. The problem is coverage. The Microsoft To Do operations available through n8n's connector cover a subset of what the Graph API supports, and nothing is cached. A cross-list query through n8n means walking every list and fetching its tasks from the Graph API in sequence. This is fine for a single-list automation triggered manually, but slow enough to be painful for "show me everything due this week across all my lists" asked as a casual conversational query. With Microsoft Graph rate limits in play, bulk reads on a large account get uncomfortable fast. And n8n can build MCP servers easily but has some limitations on function structure that limit its capabilities here. I built it, used it periodically for 6 months, but always wanted something more complete.

Building the Obsidian MCP Worker made the right architecture clear. A local mirror in a Durable Object's SQLite database, kept current by delta sync, handles both problems: it exposes the full API surface and makes cross-list queries instant regardless of task count. Applying the same pattern to To Do was the natural next step.

What I am using it for​

The most immediate change to my daily workflow is…honestly unknown, I just built it! Of course I can ask Claude to pull all incomplete tasks due this week across all my lists, grouped by list type, and get an actual picture rather than scrolling through 20-odd lists one at a time. That query used to require opening To Do and filtering repeatedly, which I mostly did not bother to do. I can ask it to take a list of follow-up items in Obsidian and convert them to Microsoft To Do tasks, or I can take a reference item in To Do and have Claude research it with the results saved in an Obsidian note.

The other thing that comes up constantly is task creation from context. When something comes up mid-conversation (a follow-up to schedule, something to note about a project, a call to make, an ongoing Obsidian note I'm creating or editing) asking Claude to add a task is faster than switching apps, finding the right list, and typing. Because the server holds the full list roster with aliases I have configured, Claude should usually route the task correctly from a description without needing an exact list name.

Cross-list search is less dramatic but I use it more than expected. I frequently remember writing something down without remembering where. Full-text search across all task titles and notes, answered from the local SQLite FTS5 index, comes back fast without hitting the Graph API at all.

The other thing To Do is bad at surfacing in the app is completed tasks. You can see them, but only per-list and with limited sorting capability. Because all completed tasks are synchronized here, reporting with any type of filters should be straightforward. And I’m contemplating (it’s not here yet) adding a REST API to make this reporting even easier from n8n or other systems (I’m doing this now in n8n for a periodic “recently completed tasks” email summary, but with limitations this database copy would remove).

I've made two projects public today: obsidian-mcp-cloudflare and obsidian-link-resolver-cloudflare. Together they let Claude.ai (including the app, which requires OAuth and a cloud-accessible infrastructure) read and write my Obsidian vault, and they let anything outside Obsidian link to a note in a way that survives a rename. Both are Cloudflare Workers, both are MIT licensed, and both run on the free tier — for a single-user vault the monthly bill is $0. You could, of course, connect the AI of your choice to the system via MCP (ChatGPT, Gemini, etc.), it doesn't have to be Claude. These workers just provide MCP (and web-redirect) on top of the R2 bucket with the Markdown files.

Background​

I've known about Obsidian for years, but kept finding other apps that had nicer interfaces and fewer plugins to sort through (there's such a thing as too many options!) so I never used it full time. When I went looking a couple of weeks ago for a way to access my notes via Claude easily, most of the results came up with tools and systems that embedded AI inside the tool; I wanted something that would let me use the tool from AI so I could have my other integrations and systems come along for the ride. That left not many results, but Obsidian's open format and a couple of useful plugins already available made me take a second look. That, and it's now free for commercial use (commercial licenses are still voluntarily available to provide funding).

The default Obsidian look, though I'm not ultra picky about the user interface, looked way nicer when I switched to the Cupertino theme (and there are a lot of other nice ones!), and the Remotely Save plugin lets me sync in the background easily, or force a sync any time from the menu, across all Obsidian-supported platforms. So I built a proof of concept, it worked well, and I iterated on it a bit to add unique IDs and permalinks along with note patching to give AI an easier time editing notes precisely without fully replacing the entire contents.

I initially tested the system by storing a few things like AI prompts I wanted to remember (I've got several, but the best one so far is Ashley Cooper's Anti-Slop Glossary!) and a few other miscellaneous notes as I happened upon them.

Holds up at a conference​

In mostly accidental timing, I was scheduled to attend the MSPGeekCon conference about a week after I got my Obsidian/Cloudflare MCP server working. And when I arrived and sat down in the first session, I had to decide if I took no notes (easiest), took pictures of slides (but I rarely look at them again), wrote handwritten notes (my handwriting is terrible and slow, so I can barely write them or read them later), or some combination. Since the Obsidian MCP was fresh in my mind, I thought "I wonder how well Claude will take a picture of a slide and optionally any context from the talk I add, and turn it into a little conference note for me?"

Thanks to the NinjaOne Community Team for inviting me to be a part of the panel today to discuss how to get started with n8n on their regular Like a Ninja streams that they host on the NinjaOne YouTube channel. This stream was on August 7th, 2025 and was a conversation that NinjaOne's Brittany hosted to discuss how workflow automation via the n8n open source tool can be an effective way to automate things within an MSP.

The video is about an hour long. Here it is, following the official stream description:

Join community members as they share examples of how they're using the workflow automation tool n8n to help their teams do more with less. We'll dive into the practical step-by-steps for getting started, highlight key do's and don'ts and also a Q&A.

There were several tools and sites mentioned in the stream, but I did specifically mention a GitHub repository with templates for deploying n8n with Caddy via containers to a cloud server using podman on AlmaLinux. One of many options for n8n deployment, with the self-hosted version providing more Community Nodes support compared to the cloud-hosted version that n8n provides themselves and is also worth checking out.

This is the third stream where I've been a guest of NinjaOne, the others you can see were on writing PowerShell scripts in How to Write PowerShell (Like a Ninja) and a session on Proving the ROI of Scripting and Automation (Like a Ninja). Thanks to NinjaOne for the invitation!

My History with Password Managers​

I've been using 1Password since the month LastPass got bought by LogMeIn in 2015; I was a paying user there for five years (they started in 2008, and I have a receipt for LastPass Premium from January 15, 2010 and a support ticket response email I got from a bug report from LastPass Co-Founder and CTO Robert Billingslea on Oct 20, 2010!). I wasn't thrilled with the acquisition and I believe my reasons have been vindicated, but I'm not here to discuss LastPass, I'm here to discuss 1Password from AgileBits, which is where I ended up. Actually my earliest 1Password receipt is from December 14, 2012 when I bought version 4.0.2, though I didn't switch to using it full-time immediately! But I've been very happy with them and their approach to security ever since. With that said, keep in mind that security is always about risk reduction, not perfection. There's no guarantee 1Password won't be compromised tomorrow, but that's not unique to them. However, what I want to do is highlight a few of the features, including security, that are the reasons I've been happy with them personally for a long time and am why I continue to use them today both at home and work.

1Password Business and Their Internal Security Expert​

At work we were beta testers of 1Password Business before initial release, so I've had a long history with the personal and business products. I used to be active on the 1Password Forums, and I'm very happy they had Jeffrey Goldburg as their security guy for 13 years (he left last year, in 2024 after 13 years) because he made sure their actual algorithms and implementations were done well and securely, since implementation of even the best algorithms is usually where software security goes wrong (you know, bugs).

While Jeffrey was at AgileBits, he did a bunch of public speaking and blogging and writing, remaining involved in both their customer community as well as the security and math communities. In part because of his input but also the company culture that supported hiring him in the first place, they've consistently shown that they prioritize actual security done correctly over getting features out the door, but they also spend time and energy on the design, usability, and speed of the application. The fact that the company has paid to have an expert of this type on staff since nearly their beginning is something I've always appreciated because they're putting their money where their mouth is.

Continue reading to see my favorite features, how I've reviewed their security, and some of the other features I've found useful, from security, user, and developer standpoints.

Do you run your own self-hosted ConnectWise ScreenConnect server on Windows? If so, you may have wished to be able to stop manually renewing TLS certificates, and ConnectWise refused to add automation. I've documented how to provision LetsEncrypt certificates for ScreenConnect and automatically renew them, for free!

If you'd like the full README file and small script to plug in with the directions, you can go directly to the folder in my GitHub repository, or you can continue reading part of the README I've copied here to ensure it's a good fit for your situation before jumping over.

Context and Background​

When using a self-hosted ConnectWise ScreenConnect server, if you don't want to manually renew the TLS/SSL certificates annually, you must set up TLS certificates using LetsEncrypt. This is a feature that ConnectWise has rejected including, but the application does not use IIS directly, so the certificate that's used must be manually bound to the application initially and after renewal. This script is designed for Windows and is NOT relevant for Linux or macOS, where older versions of ScreenConnect ran and where there is more documentation available online for automating this process (and ConnectWise doesn't support SSO on any servers except Windows, which is important for some people).

Introduction and Overview​

There were too many possible options, libraries, and methods to try but no simple process with a very straightforward installation script that was tested for use on modern Windows versions with the default ScreenConnect web server configuration that didn't involve proxies or third parties like CloudFlare, so I assembled this process that requires the very well-written, easy-to-use, and frequently updated win-acme tool and a tiny script to install the certificate. Hopefully this provides the push to stop renewing certificates manually for ScreenConnect!

What this is not​

This process assumes you already have an operational ScreenConnect installation on your own self-hosted server, and that it's already configured with a valid TLS certificate, perhaps issued by RapidSSL or any other certificate authority where you buy certificates and manually retrieve and install them, but that you'd like to switch to using LetsEncrypt certificates instead.

This process assumes you are having LetsEncrypt configured for TLS, are using the built-in web server and not proxying the web server through a third party like CloudFlare or yourself using nginx or Caddy, so it doesn't walk you through that process. It also assumes you have locked down the TLS settings yourself and validated it using a service like Qualys SSLLabs in order to ensure only modern and secure TLS configurations are used.

Thanks to Jonathan Crowe, the Director of Community at NinjaOne, for inviting me to be a part of one of the Like a Ninja streams that they host on the NinjaOne YouTube channel every couple of weeks. This stream was on October 9th, 2024 and was a conversation with that Jonathan hosted with Mark Giordano, a Technical Product Manager at NinjaOne and former customer and community member (also known as AiVenom), and me around how to determine the Return on Investment, or ROI, of scripting and automation.

While programmers and technicians are usually somewhat easy to convince about why automating things is worth investing time and effort into, it's not always easy to convince business leadership that automation is worth it, because the business wins aren't always as obvious when automation is approached from a technical perspective.

The video is about an hour long. Here it is, following the official stream description:

Does it feel like the time you spend on scripting and related training is going unappreciated? Or, worse yet, like you'll never get approval for that in the first place? Effective use of scripting can be a game-changer for IT admins, but unfortunately management doesn't always view it as a priority, and it's rare when the value of it is clearly communicated to all the stakeholders involved.

Join us for tips on how you can better highlight the business value of scripting, and get increased buy-in and support for it as a critical time investment.

Thanks to Jonathan Crowe, the Director of Community at NinjaOne, for inviting me to be a part of one of the Like a Ninja streams that they host on the NinjaOne YouTube channel every couple of weeks. This stream was on February 28th, 2024 and was a conversation with that Jonathan hosted to let me demonstrate how to write PowerShell scripts using an existing script I've published as an example to walk through.

The video is about an hour long. Here it is, following the official stream description:

Join NinjaOne star David Szpunar as we go over how to write PowerShell scripts like a ninja!

The video is somewhat fast-paced and does assume some beginner knowledge of PowerShell, focusing on the structure of building the structure of a script into a usable whole with various parameters and functions.

Setting Up VS Code and Git Like a Ninja​

If you enjoyed that video, a month later on March 26th, 2024, NinjaOne community member and PowerShell programmer extraordinaire Mikey O'Toole led a follow-up video stream called How to set up VS Code and Git Repo Like a Ninja that helps get you further down the programming rabbit hole with information on how to set up an environment more conducive to writing and debugging PowerShell on your own machine, as well as tracking changes and sharing code using Git and a centralized source such as GitHub or one of the alternative services.

Welcome​

I'm the CEO of a US-based IT services company (Managed Services Provider, or MSP) and the owner of a sister company that offers business phone systems (VoIP), and I like technology (and people! People are great, I love people! We use technology to serve them, but I have a soft spot for the tech like a true geek!). While I have a long history with and interest in technology and programming and security, I've spent my free time relaxing by playing with PowerShell lately, and have had fun sharing them with peers to help the community.