Ulysses Moreira das Neves writes in-depth guides on Microsoft Entra ID, Privileged Identity Management, and Windows Hello for Business security.
11 articles from this blog
Microsoft Authenticator will block work/school accounts on jailbroken or rooted devices starting in 2026, with a phased rollout.
A technical guide on enhancing Azure role activation security using Entra PIM with Conditional Access authentication strength and FIDO2/Passkeys.
A technical tutorial on implementing a Conditional Access Policy in Microsoft Entra ID to enforce Windows Hello for Business authentication for Office 365.
Troubleshooting guide for Windows Hello for Business error '0x000005e' during PIN authentication in a cloud Kerberos trust scenario.
A technical guide to diagnosing and fixing the 'LogoncertTemplateReady: NO (StateNoTemplate)' error in Windows Hello for Business hybrid deployments.
Troubleshooting guide for common Windows service startup errors, including registry fixes and dependency management.
A technical guide on enforcing passwordless sign-in using Microsoft Authenticator via Azure AD Conditional Access authentication strength policies.
Troubleshooting guide for fixing 'Cloud trust for on-premise auth policy is enabled: No' during Windows Hello for Business migration to Cloud Kerberos Trust.
Troubleshooting guide for Windows Hello for Business Cloud Kerberos Trust enrollment issues, focusing on missing Cloud TGT.
How to fix the AD FS error 'None of the UPNs were successful for S4U Logon call' related to the Protected Users group.
Troubleshooting guide for fixing 'Your credentials did not work' error during authentication on an Azure AD Joined machine in a federated domain.
