14 DAY FREE TRIAL

No Search Results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Managing Windows Devices
  3. Accounts

Category filter

Manage local user accounts of Windows devices enrolled in Hexnode UEM

Jump To

Managing local user accounts on corporate assets enhances security by determining user access to devices. Organizations can easily create and maintain user accounts while having centralized control over them with Hexnode’s Local Accounts management for Windows devices. It provides a set of actions for managing user accounts like creating local accounts, syncing user accounts with the portal, unlocking a user account, changing user roles, resetting passwords, disabling/enabling/deleting user accounts, and more. Let’s understand in deeper about how to manage local user accounts on Windows devices with Hexnode UEM.

Note:

  • The device should have the latest version of the Hexnode UEM app installed.
  • This feature is available only on the Ultimate and Ultra plans.

How to remotely manage local users on Windows?

Hexnode UEM provides a range of remote management options for local accounts on your Windows devices.

Sync Local Accounts

This action helps you to sync all the user accounts on your Windows with Hexnode UEM.

  1. Log in to the Hexnode UEM console.
  2. Navigate to the Manage tab and click on the name of the Windows device whose local accounts you want to display.
  3. Click on Actions and choose Sync Local Accounts.
  4. Now click on the Local Accounts tab.

Here, you’ll find a list of all the active users on the Windows device, along with additional details such as:

  • Account name: Shows the username of the users.
  • Role: Indicates whether the user is an Administrator or a Standard user.
  • Account Type: Specifies whether the user is a local user or network user.
  • Status: Indicates whether the user is currently logged in or logged off.

To access inactive or deleted users, simply click on the ‘Show Inactive/Deleted Users’ button located at the bottom of the user accounts list.

List of all active/inactive local user accounts on a Windows device

Clicking on the name of a user will provide you further details, such as:

  • Full name: Displays the complete name of the user.
  • Account name: Displays the username of the user.
  • Account role: Specifies whether the user is an Admin user or a Standard user.
  • Description: Provides details about the created user account.
  • SID (Security Identifier): Represents a unique alphanumeric string assigned to the user account by the Windows operating system.
  • Home directory path: Indicates the location of the user’s home folder.
  • Locked account: Indicates whether the user account is currently locked due to multiple failed login attempts.
  • Password last changed on: Shows the date and time when the account password was last modified.
  • Password hint: Provides the hint for the user’s password.
  • Last successful login: Displays the date and time of the user’s last successful login.
  • Failed login attempts: Indicates the number of failed login attempts since the last successful login.
  • User can change password: Specifies whether the user has permission to change their account password.
  • Password never expires: Indicates whether the user’s password is set to expire or not.
  • Disable account: Indicates whether the user account is currently disabled or not.

Details of a local user account on Windows device

Create User Account

This action aids you in creating a new local user account on your Windows device.

  1. Log in to your Hexnode portal.
  2. Navigate to Manage > Devices.
  3. Select the Windows device to which you want to add a new user.
  4. Click the Local Accounts tab and click the Create User Account icon.
  5. A dialog box opens up. Choose either of the following 2 options and configure various settings that follow.

    1. Choose a user from Hexnode” :

    • Domain
    • User
    • Account Name
    • Full Name
    • Description
    • Account Role
    • Password
    • Verify Password
      • User must change password at next login
      • Password never expires
      • User cannot change password
    • Password Hint
    • Disable Account

    2. Create a new user:

    • Account name
    • Full Name
    • Description
    • Account Role
    • Password
    • Verify Password
      • User must change password at next login
      • Password never expires
      • User cannot change password
    • Password Hint
    • Disable Account
  6. Click on Create to create a new user account.

Check out our detailed guide on creating user accounts
on Windows devices.

OR
  1. Navigate to Manage > Devices.
  2. Select the Windows device to which you want to add a new user.
  3. Click Actions > Create User Account.
  4. Configure various settings as mentioned above and click on Create to create a new user account.

Create a new local user account via the Actions tab on Windows

Force Log Out User

This action will force log out the user from their current active session.

  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to force log out.
  3. Click the Local Accounts tab.
  4. Click the Power button icon corresponding to the user that you want to force log out which is situated to the left of the horizontal three-button menu.
  5. Click Proceed in the confirmation dialog box.
  6. Click Confirm to force log out the user.

OR
  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to force log out.
  3. Click the Local Accounts tab.
  4. Click the name of the user that you want to force log out under the Local Accounts tab.
  5. Click the Actions button and choose the Force Log-Out User option.
  6. Click Proceed in the confirmation dialog box.
  7. Click Confirm to force log out the user.

To log out a local user forcefully on Windows devices, use the Force Log Out action

Unlock Account

This action aids you in unlocking user accounts that have been locked due to repeated failed password attempts.

  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to unlock.
  3. Click the Local Accounts tab.
  4. Click the name of the user that you want to unlock.
  5. Click Actions and choose the Unlock User Account option.
  6. Click Proceed in the confirmation dialog box.
  7. Click Confirm to unlock the user.

OR
  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to unlock.
  3. Click the Local Accounts tab.
  4. Click the horizontal three-dot menu corresponding to the respective user.
  5. Click the Unlock User Account option from the drop-down menu.
  6. Click Proceed in the confirmation dialog box.
  7. Click Confirm to unlock the user.

Unlock a local user account via Unlock User action on Windows devices

Change User Role

This action allows you to change the role of a user to either Administrator or Standard user.

  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) role you want to change.
  3. Click the Local Accounts tab.
  4. Click on the name of the user for whom you want to change the role.
  5. Click Actions and choose the Change User Role option.
  6. In the Change User Account Role page, the new role to be assigned for the user will be mentioned. Additionally, you can configure whether the change in user role is temporary by enabling the Change role temporarily checkbox. Specify the duration for the temporary role change next to the Change role for option. Choose 30 minutes, 1 hour, 2 hours, 4 hours, or 12 hours. Click on Proceed.
  7. Click Confirm to change the user role.

OR
  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) role you want to change.
  3. Click the Local Accounts tab.
  4. Click the horizontal three-dot menu corresponding to the respective user.
  5. Click the Change User Role option.
  6. In the Change User Account Role page, the new role to be assigned for the user will be mentioned. Additionally, you can configure whether the change in user role is temporary by enabling the Change role temporarily checkbox. Specify the duration for the temporary role change next to the Change role for option. Choose 30 minutes, 1 hour, 2 hours, 4 hours, or 12 hours. Click on Proceed.
  7. Click Confirm to change the user role.

Change the role of a local user account using Change User Role action on Windows device

Change Password

This action allows you to change the user’s password.

  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) password you want to change.
  3. Click the Local Accounts tab.
  4. Click the name of the user to which you want to change the password.
  5. Click Actions and choose the Change Password option.
  6. Type in your new password, then re-enter the password for verification, and provide a password hint. There are three checkboxes under Verify Password:
    • User must change password at next logon.
    • Password never expires.
    • User cannot change the password.

      Check the appropriate boxes accordingly, and then click Proceed.

  7. Click Confirm to change the password of the user.

OR
  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) password you want to change.
  3. Click the Local Accounts tab.
  4. Click the horizontal three-dot menu corresponding to the respective user.
  5. Choose the Change Password option from the drop-down menu.
  6. Type in your new password, then re-enter the password for verification, and provide a password hint. There are three checkboxes under Verify Password:
    • User must change password at next logon.
    • Password never expires.
    • User cannot change the password.

      Check the appropriate boxes accordingly, and then click Proceed.

  7. Click Confirm to change the password of the user.

With the Change Password action, the password for a local user account can be updated on Windows devices

Note:


When setting a password with special characters, it is recommended to exclude characters like ¡, ™, £, ¢, ∞, §, ¶, •, ª, º, –, ≠, «, ‘, “, æ, …, ÷, ≥, ≤.

Disable Account

This action allows you to temporarily restrict a user’s access to the device.

  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to disable.
  3. Click the Local Accounts tab.
  4. Click on the name of the user that you want to disable.
  5. Click Actions and choose the Disable User option.
  6. Click Proceed in the confirmation dialog box.
  7. Click Confirm to disable the user.

OR
  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to disable.
  3. Click the Local Accounts tab.
  4. Click the horizontal three-dot menu corresponding to the respective user.
  5. Click the Disable User option from the drop-down menu.
  6. Click Proceed in the confirmation dialog box.
  7. Click Confirm to disable the user.

Disable a local user account using Disable User action on Windows devices

An IT Admin must enable a disabled user from the portal for them to access their device.

Enable Account

This action allows you to enable a user account that was previously disabled using the Disable User action.

  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to enable.
  3. Click the Local Accounts tab.
  4. Click on the name of the user that you want to enable.
  5. Click Actions and choose the Enable User option.
  6. Click Proceed in the confirmation dialog box.
  7. Click Confirm to enable the user.

OR
  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to enable.
  3. Click the Local Accounts tab.
  4. Click the horizontal three-dot menu corresponding to the respective user.
  5. Click the Enable User option from the drop-down menu.
  6. Click Proceed in the confirmation dialog box.
  7. Click Confirm to enable the user.

Enable a local user account using Enable User action on Windows devices

Delete Account

This action allows you to delete a user from the device.

Note:


The user should be logged out before the action can be executed.

  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to delete.
  3. Click the Local Accounts tab.
  4. Click on the name of the user that you want to delete.
  5. Click Actions and choose the Delete User option.
  6. Click Proceed in the confirmation dialog box.
  7. Click Confirm to delete the user.

OR
  1. Navigate to Manage > Devices.
  2. Select the Windows device whose user account(s) you want to delete.
  3. Click the Local Accounts tab.
  4. Click the horizontal three-dot menu corresponding to the respective user.
  5. Click the Delete User option from the drop-down menu.
  6. Click Proceed in the confirmation dialog box.
  7. Click Confirm to delete the user.

Delete a local user account using Delete User action Windows devices

Report of Local Accounts on Windows devices

Hexnode allows you to retrieve a detailed report outlining all user accounts across various Windows and macOS devices enrolled in Hexnode UEM. The report provides insights into session types, session details, sync dates, login and logout times, session durations, and more for each local user account on your Windows device. To access this report, simply navigate to Reports > Device Reports > Local Accounts.

Report of all local user accounts on a Windows device

Need more help?
Raise a Ticket Raise a Ticket
Ask Community Ask Community
Chat With us Chat With us
  • Managing Windows Devices