Does anyone find the Hexnode Access for Windows a bit strange? (Solved)

Participant
Discussion
4 days ago

Hey, we have recently been onboarding Hexnode as our MDM tool for managing Windows laptops. There is a feature called Hexnode Access. I configured it and tested it out, but I do find this feature strange and have some questions, and I cannot find the answers from reading Hexnode's online documentation.

So the login setting has a ‘Limit Offline Access’ option. If that option is selected, we have to select an authentication frequency (every login, every 15 days, every 30 days, etc.) to authenticate using the configured IdP (we are using Google Workspace).

But what if there is no internet at the time it requires authentication with the IdP? Even if the user knows the device login password, they cannot log in because it requires authenticating using the identity provider (there needs to be internet access).

Then if I uncheck ‘Limit Offline Access’, I can log in to the device using the device login password every time. So what’s the point of setting up Hexnode Access, which is supposed to use an IdP to authenticate the user before the user logs in to the device?


Replies (1)

Marked Solution | Pending Review
Hexnode Expert
3 days ago

Hi, thanks for your input regarding Hexnode Access!

When the Limit Offline Access option is enabled in Hexnode Access, users are required to re-authenticate with the configured identity provider (such as Google Workspace) at specified intervals, like every login, every 15 days, or every 30 days. This helps ensure that user access remains tightly controlled and up to date.

However, if the device doesn’t have internet access at the time re-authentication is required, the user won’t be able to log in, even if they know the local device password, because the system needs to verify credentials with the identity provider (IdP) online.

If you choose to disable Limit Offline Access, users will only need to authenticate with the IdP once, typically during their first login. After that, they can log in using the local password, even without an internet connection.

While disabling Limit Offline Access may seem to reduce the influence of the identity provider, it’s important to note that Hexnode Access still enforces strict access control at the point of initial login. Only users in your IdP can access the device in the first place. Even without frequent re-authentication, Hexnode Access ensures that only authorized users ever gain access.

Hexnode Access is built to support a wide range of organizational policies. If your organization demands tight security with continuous identity validation, enabling Limit Offline Access is recommended. For organizations that prioritize user flexibility, disabling this option allows continued access post-authentication even offline without compromising the integrity of access control.

Feel free to reach out if you have any further questions. We are here to help!

Regards,
Ben Clarke
Hexnode UEM
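
Added example, not part of the original thread and not Hexnode's code: a small Python model of the login behaviour described in the reply above, useful for reasoning about how long a local password keeps working after the last IdP check under each setting. The names `Policy`, `login_decision` and `max_stale_access` are hypothetical, and the handling of an offline first login and of the exact interval boundary are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

EVERY_LOGIN = timedelta(0)  # models the "every login" frequency


@dataclass
class Policy:
    limit_offline_access: bool
    # Only meaningful when limit_offline_access is True.
    reauth_interval: Optional[timedelta] = None


def login_decision(policy: Policy, last_idp_auth: Optional[datetime],
                   now: datetime, online: bool) -> str:
    """Return 'idp', 'local' or 'blocked' for one login attempt."""
    if last_idp_auth is None:
        # First login must go through the IdP (assumption: offline means blocked).
        return "idp" if online else "blocked"
    if not policy.limit_offline_access:
        # Option disabled: after the first IdP login, the local password is enough.
        return "local"
    # Option enabled: re-authentication is due once the interval has elapsed
    # (assumption: due at exactly the interval boundary).
    if now - last_idp_auth < policy.reauth_interval:
        return "local"
    # Re-authentication is due: knowing the local password does not help offline.
    return "idp" if online else "blocked"


def max_stale_access(policy: Policy) -> Optional[timedelta]:
    """Longest time local login can continue without an IdP check.

    None means unbounded, e.g. an account later removed from the IdP
    is never re-checked by this policy.
    """
    return policy.reauth_interval if policy.limit_offline_access else None


if __name__ == "__main__":
    t0 = datetime(2025, 1, 1)  # constructed sample: time of last IdP login
    p15 = Policy(True, timedelta(days=15))
    for days, online in [(10, False), (16, False), (16, True)]:
        print(days, online, login_decision(p15, t0, t0 + timedelta(days=days), online))
    print("disabled:", login_decision(Policy(False), t0, t0 + timedelta(days=400), False))
```
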
