我的學習手記 A technical geek blog: October 2023

Tuesday, October 24, 2023

Windows 10 cannot connect Internet

Symptoms:

Cannot ping public IP address
Cannot resolve DNS
Wireless/Wired LAN show connected and it show able to connect to Internet
Each time connect and disconnect will able to ping in few package then drop the connection

Solution:

Run command : "netsh winsock reset" and reboot the machine

Tuesday, October 17, 2023

Sangfor SSL VPN diagnose and fixing tool

Saturday, October 14, 2023

Sangfor SASE service

User activity log:

Block page:

Microsoft Defender Plan 1 plus Trellix Endpoint (formerly McAfee Mvision) and with Microsoft Defender Plan 2

M365 E3 users entitle to MS Defender Plan 1. There are TWO Options to enhance the endpoint security if you would like to leveage Microsoft Defender:

Option 1: MS Defender Plan 1 + Trellix Endpoint

Option 2: Upgrade to MS Defender Plan 2

Reference:

Microsoft Defender for Endpoint Plan 1 Now Included in M365 E3/A3 Licenses

https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-plan-1-now-included-in-m365-e3/ba-p/3060639

Trellix Endpoint (formerly McAfee Mvision) enhances protection on your Microsoft Windows 10 and Microsoft Windows Server 2016 (and later) endpoints.

Key features (trellix.com)

Trellix Support Community - Difference between MVISION Endpoint and Endpoint S... - Support Community

Thursday, October 12, 2023

Windows Inisder Program 9th Anniversary

Tuesday, October 10, 2023

Google Chromecasts did not support AP isolation, WPA3 or even protected management frames (PMF)

If you need to disable PMF on your AP, you need to disable "Wifi Agile Multiband" too.

Reference:

https://www.reddit.com/r/Chromecast/comments/14bymhw/found_out_chromecasts_arent_compatible_with_wifi/

Monday, October 9, 2023

WPA2/WPA3 Mix mode (混合模式) potential performance issue

To resolve this issue, there are workaround to keep one SSID use WPA2 for old device and one SSID use WPA3 for supported device.

Reference:

https://help.keenetic.com/hc/en-us/articles/360014406080-What-can-cause-speed-degradation-on-some-mobile-clients-when-operating-in-mixed-mode-WPA2-WPA3-

Friday, October 6, 2023

SharePoint audit to list site owner

One of the question for SharePoint audit to list site owner, there are Powershell able to help.

Leave the "Credential" parameter since use an MFA-enabled user account.

In the script, you need to provider your SharePoint admin page, you can follow the following:

Identify the SharePoint Online Admin URL (solarwinds.com)

Reference:

https://www.sharepointdiary.com/2018/02/get-sharepoint-online-site-owner-using-powershell.html

Wednesday, October 4, 2023

O365 User failed to access another company O365 resource due to restrict access to a tenant (Azure AD Tenant Restrictions)

Azure AD Tenant Restrictions is a feature available for Azure AD customers which can be used to control the Azure AD tenants a user of an organization can access applications/resources in. It is applied by having a proxy service or similar service append additional HTTP headers for requests sent to Azure AD which tell Azure AD which tenants are allowed for a user and which tenant to log the requests in.

This setting impacts users of an organization when they access an application which is integrated with an Azure AD tenant.

Error message: Your network administrator has blocked access. External access is blocked by policy. Contact your IT department for access.

There are example of how to make change on your proxy:

Controlling Office 365 access using tenant restrictions on Edge SWG (ProxySG) or Advanced Secure Gateway.

https://knowledge.broadcom.com/external/article/169870

Restrict users to a specific Office 365 tenant via Forcepoint Content Gateway proxy

https://support.forcepoint.com/s/article/000017790

Restricted SaaS access | FortiGate / FortiOS 7.4.1 | Fortinet Document Library

https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/8049/restricted-saas-access

["Restrict-Access-To-Tenants"] = "Your company tenant", "Your business partner tenant"

For example: Your company is abc.onmicrosoft.com and your business partner is hkea.onmicrosoft.com

Your configuration will be like the following:

["Restrict-Access-To-Tenants"] = abc.onmicrosoft.com,hkea.onmicrosoft.com

Reference:

https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/tenant-restrictions

AAD upgrade from v1 to v2 need to pay attention items (Post check items)

Need to check the "Domain and OU filtering" under Azure Active Directory Connect is it include all users OU
After the upgrade complete and full sync complete, go to M365 admin center (Users -> Deleted users) to check if there are any users being move to "deleted user" (Soft-deleted), if yes, go to Synchronization Service Manager to check log profile name "Export", to see if there are any "Deletes". If there are no. of deletes, go back to "Domain and OU filtering" under Azure Active Directory Connect to see any "deleted user" under deselected OU. (To resolve this issue, add back the deselected OU, run full sync (Start-ADSyncSyncCycle -PolicyType initial) and run delta sync (Start-ADSyncSyncCycle) on AAD. User account will back to active user on AAD

How to turnoff new message notifications of WhatsApp and Outlook email on Windows 10 lock screen?

Go to "Notifications & actions" to turn off those app notifications setting.

Reference:

Unwanted Lock Screen Message - How to turn off? - Microsoft Community

Monday, October 2, 2023

Open Source Threat Intel Feeds - Free TI Feeds

GitHub - Bert-JanP/Open-Source-Threat-Intel-Feeds: This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.

Pages

Tuesday, October 24, 2023

Tuesday, October 17, 2023

Saturday, October 14, 2023

Thursday, October 12, 2023

Tuesday, October 10, 2023

Monday, October 9, 2023

Friday, October 6, 2023

Wednesday, October 4, 2023

Monday, October 2, 2023