我的學習手記 A technical geek blog

Friday, December 12, 2025

Huawei Secure Erase on RAID Controller

Huawei RH1288v3 server is one of the model RAID controller built-in this features

Huawei secure erase uses Multi-pass overwrite (3x), which is a recommended Purge method suggested by NIST SP 800-88 Rev. 1. The current NIST SP 800-88 Rev. 1 guidelines state that a single-pass overwrite is generally sufficient for purging data on modern hard disk drives (HDDs). For flash-memory-based media like SSDs, device-specific commands or cryptographic erase are the recommended purge methods.

Ctrl + R 入 Raid controller

F2 on Virtual Drives

Windows Server 2022 CIS hardening script

Use the Veeam Windows Hardening Script can easy to hardening a Windows Server 2022

https://github.com/lukas-kl/veeam-win-hardening-script

Copy those files to C:\install
Run the powershell with administrator right
Reboot the server

Wednesday, December 3, 2025

Update ADFS certificate after Microsoft deprecation of Azure AD and MSOnline PowerShell (Connect-MsolService) and retirement is on July 1, 2025.

Solution:

1. (AAD Server) Microsoft Entra Connect Sync --> (Need to use the cert.pfx file)

2. Welcome --> Configure --> Manage federation --> Manage certificates --> Update SSL certificate

3. restart ADFS Service

Remark: You still need to go to ADFS proxy to use Powershell to update the SSL cert on the proxy server after the above step to upload the public cert to Azure.

A website help you to search for Known Exploited Vulnerabilities (KEV)

https://www.k-solveglobal.ai/KEV

Purpose: The portal helps organizations focus their patching efforts on vulnerabilities that are actively being exploited by threat actors in the wild, which are considered the most urgent threats.

Source of Data: The portal dynamically integrates with the official CISA KEV Catalog via data feeds (CSV/JSON).

Functionality: Users can monitor live KEV updates, identify threats relevant to their specific systems, and generate reports filtered by vendor or CVE (Common Vulnerabilities and Exposures) to streamline their vulnerability management process.

Windows Insider

Time flying, 11 years ago.

Wednesday, November 5, 2025

How to bypass proxy for Microsoft Update via Pac file

// Bypass for Microsoft Update domains

if ( shExpMatch(host, "download.microsoft.com") || shExpMatch(host, "ntservicepack.microsoft.com") || shExpMatch(host, "cdm.microsoft.com") || shExpMatch(host, "wustat.windows.com") || shExpMatch(host, "windowsupdate.microsoft.com") || dnsDomainIs(host, ".windowsupdate.microsoft.com") || shExpMatch(host, "update.microsoft.com") || dnsDomainIs(host, ".update.microsoft.com") || dnsDomainIs(host, ".windowsupdate.com") || dnsDomainIs(host, ".windowsupdate.microsoft.com") || dnsDomainIs(host, ".download.windowsupdate.com") || dnsDomainIs(host, ".prod.do.dsp.mp.microsoft.com") || dnsDomainIs(host, ".dl.delivery.mp.microsoft.com") || dnsDomainIs(host, ".delivery.mp.microsoft.com") || dnsDomainIs(host, "tsfe.trafficshaping.dsp.mp.microsoft.com") || dnsDomainIs(host, "ctldl.windowsupdate.com") ) return "DIRECT";

Windows 11 24H2 (OS Build 26100.6901) Wifi issue on Lenovo T14s

The Wifi card will be missing (Disappear) when you switch from wired network to wifi

The problematic driver is Qualcomm FastConnect 6900 Wi0Fi 6E 2.0.0.1292

Solution: Upgrade to Microsoft Update Driver - 2.0.0.1308

Qualcomm Communications Inc. - Net - 2.0.0.1308 816d017f-d000-4277-b198-64f07f87fff9_9bf8ff15ef3ecdb207279ff6d350bf8abaeb34df.cab (SHA1: m/j/Fe8+zbIHJ5/201C/irrrNN8=) (SHA256: j4LduWL7jAobpBd4JIzDohsJYp0UPwHuADr34WWVYQA=)

https://www.catalog.update.microsoft.com/Search.aspx?q=Qualcomm%20FastConnect%206900

Pages