Tuesday, October 24, 2023

Windows 10 cannot connect Internet

Symptoms:      
  1. Cannot ping public IP address
  2. Cannot resolve DNS
  3. Wireless/Wired LAN show connected and it show able to connect to Internet
  4. Each time connect and disconnect will able to ping in few package then drop the connection
Solution:

  1. Run command : "netsh winsock reset" and reboot the machine

Print Friendly and PDF
Share/Bookmark

Tuesday, October 17, 2023

Sangfor SSL VPN diagnose and fixing tool




Print Friendly and PDF
Share/Bookmark

Saturday, October 14, 2023

Sangfor SASE service

User activity log:

 

 

Block page:

 

 

Print Friendly and PDF
Share/Bookmark

Microsoft Defender Plan 1 plus Trellix Endpoint (formerly McAfee Mvision) and with Microsoft Defender Plan 2

M365 E3 users entitle to MS Defender Plan 1. There are TWO Options to enhance the endpoint security if you would like to leveage Microsoft Defender:


Option 1: MS Defender Plan 1 + Trellix Endpoint


Option 2: Upgrade to MS Defender Plan 2


Reference:


Microsoft Defender for Endpoint Plan 1 Now Included in M365 E3/A3 Licenses

https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-plan-1-now-included-in-m365-e3/ba-p/3060639

 

Trellix Endpoint (formerly McAfee Mvision) enhances protection on your Microsoft Windows 10 and Microsoft Windows Server 2016 (and later) endpoints.

Key features (trellix.com)

Trellix Support Community - Difference between MVISION Endpoint and Endpoint S... - Support Community


Print Friendly and PDF
Share/Bookmark

Thursday, October 12, 2023

Windows Inisder Program 9th Anniversary


Print Friendly and PDF
Share/Bookmark

Tuesday, October 10, 2023

Google Chromecasts did not support AP isolation, WPA3 or even protected management frames (PMF)

Google Chromecasts did not support AP isolation, WPA3 or even protected management frames (PMF)

 

If you need to disable PMF on your AP, you need to disable "Wifi Agile Multiband" too.

 

Reference:

https://www.reddit.com/r/Chromecast/comments/14bymhw/found_out_chromecasts_arent_compatible_with_wifi/

 

Print Friendly and PDF
Share/Bookmark

Monday, October 9, 2023

WPA2/WPA3 Mix mode (混合模式) potential performance issue

To resolve this issue, there are workaround to keep one SSID use WPA2 for old device and one SSID use WPA3 for supported device.

Reference:

Print Friendly and PDF
Share/Bookmark

Friday, October 6, 2023

SharePoint audit to list site owner

One of the question for SharePoint audit to list site owner, there are Powershell able to help.

 

Leave the "Credential" parameter since use an MFA-enabled user account.

#Read more: https://www.sharepointdiary.com/2018/02/get-sharepoint-online-site-owner-using-powershell.html#ixzz8FK7Cd7AC

 

In the script, you need to provider your SharePoint admin page, you can follow the following:

Identify the SharePoint Online Admin URL (solarwinds.com)

 

Reference:

https://www.sharepointdiary.com/2018/02/get-sharepoint-online-site-owner-using-powershell.html   

 

Print Friendly and PDF
Share/Bookmark

Wednesday, October 4, 2023

O365 User failed to access another company O365 resource due to restrict access to a tenant (Azure AD Tenant Restrictions)

Azure AD Tenant Restrictions is a feature available for Azure AD customers which can be used to control the Azure AD tenants a user of an organization can access applications/resources in. It is applied by having a proxy service or similar service append additional HTTP headers for requests  sent to Azure AD which tell Azure AD which tenants are allowed for a user and which tenant to log the requests in. 

This setting impacts users of an organization when they access an application which is integrated with an Azure AD tenant.

Error message: Your network administrator has blocked access. External access is blocked by policy. Contact your IT department for access.

 

 
There are example of how to make change on your proxy:
Controlling Office 365 access using tenant restrictions on Edge SWG (ProxySG) or Advanced Secure Gateway.

Restrict users to a specific Office 365 tenant via Forcepoint Content Gateway proxy

Restricted SaaS access | FortiGate / FortiOS 7.4.1 | Fortinet Document Library

["Restrict-Access-To-Tenants"] = "Your company tenant", "Your business partner tenant"

For example: Your company is abc.onmicrosoft.com and your business partner is hkea.onmicrosoft.com

Your configuration will be like the following:

["Restrict-Access-To-Tenants"] = abc.onmicrosoft.com,hkea.onmicrosoft.com

Reference: 

Print Friendly and PDF
Share/Bookmark

AAD upgrade from v1 to v2 need to pay attention items (Post check items)

  1. Need to check the "Domain and OU filtering" under Azure Active Directory Connect is it include all users OU
  2. After the upgrade complete and full sync complete, go to M365 admin center (Users -> Deleted users) to check if there are any users being move to "deleted user" (Soft-deleted), if yes, go to Synchronization Service Manager to check log profile name "Export", to see if there are any "Deletes". If there are no. of deletes,  go back to "Domain and OU filtering" under Azure Active Directory Connect to see any "deleted user" under deselected OU. (To resolve this issue, add back the deselected OU, run full sync (Start-ADSyncSyncCycle -PolicyType initial) and run delta sync (Start-ADSyncSyncCycle) on AAD. User account will back to active user on AAD
Print Friendly and PDF
Share/Bookmark

How to turnoff new message notifications of WhatsApp and Outlook email on Windows 10 lock screen?

Go to "Notifications & actions" to turn off those app notifications setting.


Reference:

Print Friendly and PDF
Share/Bookmark

Monday, October 2, 2023

Open Source Threat Intel Feeds - Free TI Feeds

Print Friendly and PDF
Share/Bookmark