Connect
Ask Community
Ask the community
Ask Community

The All-New Technicians & Roles Revamp is Here! Solved

Profile photo of edenpierce
edenpierce
Hexnode Expert
Discussion
Hexnode UEM
2 days ago Jun 15, 2026

Get ready to level up your admin game. We’ve completely overhauled the Technicians and Roles section under the Admin tab in Hexnode UEM.

Not only did we streamline the entire configuration workflow, but we also packed this update with brand-new security features and granular controls.

Here is exactly what is new and what has changed in this massive upgrade.

The Game-Changer: Technician Profiles (New Section)

Previously, you had to manually configure security and access settings every time you created a single technician. Now, we’ve introduced the Profiles tab.

Think of a Profile as a master template where you define all access rules, security requirements, and scopes once, and then assign it to as many technicians as you want.

When you click Create New Profile, you will build it using four powerhouse sections. Keep an eye out for the [NEW] tags below to see the latest feature additions!

1. Sign-in & Security (Upgraded & Expanded)

We took the old single sign-on and 2FA settings, moved them here, and added massive upgrades for total access control. You can now fully configure:

  • Login Settings: Mix and match your authentication methods. [NEW] You can now explicitly toggle Local Logins on or off alongside Google, Microsoft, and Okta.
  • CAPTCHA: Set triggers to verify with CAPTCHA after a specified number of failed login attempts to prevent brute-force attacks.
  • Two-Factor Authentication (2FA): We’ve supercharged 2FA with new flexibility. You can enable Hexnode-managed 2FA, choose to send the verification code via Email or Text message, ask the user to set up a Third Party Authenticator, and bypass OTP verification for trusted IPs.
    • [NEW] Set the validity of the verification code (choose between 3, 5, or 10 minutes).
    • [NEW] Bypass OTP verification for subsequent logins from trusted browsers.
    • [NEW] Skip 2FA for specific actions.
  • [NEW] IP Restrictions (New Section): Lock down access to your portal by defining specific Allowed IPs or establishing Allowed IP ranges.
  • [NEW] Browser Settings (New Section): Dictate exactly which browsers are permitted to access your portal. Toggle access specifically for Microsoft Edge, Google Chrome, Safari, and Mozilla Firefox, or simply allow all browsers.
  • Session Expiry: Force automatic logouts after a set period of inactivity.

2. Role & 3. Scope (Streamlined Flow)

Assign the level of access (Roles) and define the exact boundaries (Scopes—like specific devices, users, user groups, device groups, domains, or OUs) directly within the Profile template.

4. Password Policy (New Section)

Take complete control over local login security with an ironclad, highly customizable password policy for your technicians:

  • Minimum Length: Mandate strict character counts (e.g., 15 characters).
  • Password Complexity: Choose between Alphanumeric, Complex, or Allow any ASCII characters.
  • Character Limits: Restrict consecutive identical characters and the maximum number of consecutive characters of an identical class.
  • Password Age & History: Force rotations (e.g., 30, 45, 60, 90 days, or Never) and prevent users from recycling old passwords by keeping up to 10 in their history.

Streamlined Technician Creation & UPN Support

Because all the heavy lifting is now done inside the Profile, adding a new technician is incredibly fast. When you head over to the Technicians tab and click Add Technician, you only need to fill out their core account info.

Here is what is new on this screen:

  • [NEW] Login Identity: You are no longer restricted to just an email address! You can now choose between Email or UPN (User Principal Name).
  • [NEW] Communication Email: If you select UPN as the login identity, you will be prompted to add a Communication Email. This ensures all account-related notifications and system alerts still reach the user reliably.
  • [NEW] Assign Profile: Simply pick the master profile you created earlier. Boom—they instantly inherit every role, scope, and security policy attached to it.

Roles Update: Read-Only, Templates & New Permissions

We haven’t forgotten about the Roles tab! We’ve added some highly requested features to make role management even better:

  • [NEW] Read Only Technician: Previously, default roles only included Admin, Reports Manager, and Apps and Reports Manager. Now, meet the Read Only Technician. Perfect for auditors, executives, or stakeholders who need view-only access to all configurations without the ability to change a single thing.
  • [NEW] Role Templates: Create and manage role templates. These templates can be used as a starting point when creating new custom roles, so you do not have to build permissions from scratch.
  • [NEW] Expanded Custom Permissions: Custom roles let you cherry-pick exactly which tabs, features, and actions a technician can access. We’ve officially expanded this list! You can now explicitly grant permissions for the new Automate tab and the Initiate Automation action (located under the Actions section), giving you ultimate control over who gets to trigger your automated workflows.

The TL;DR

You build the Profile (Security + Role + Scope + Passwords) → You add the Technician (Email/UPN) → You assign the Profile. It is clean, it is secure, and it is going to save you a ton of administrative overhead.

Dive into your Admin tab today and check it out!

Cheers,
Eden Pierce
Hexnode UEM

topic view count 18 Views

Tags

Hexnode UEM 106.0.0 (2) Technicians & Roles (23)
Reply

Replies (0)

Be the first to reply!
Load more
Save
Related Topics

Leaderboard

Popular Tags

ABM (69)
Android (582)
iOS (434)
macOS (534)
Windows (402)
Apple TV (33)
App Management (465)
Enrollment (155)
Location (34)
Kiosk (282)
Scripts (103)
ADE (60)
OS Updates (87)
Android Enterprise (159)
View all