- 05 Aug 2024
- 5 Minutes to read
- Print
- PDF
Add and Manage Users at Device Level
- Updated on 05 Aug 2024
- 5 Minutes to read
- Print
- PDF
In contrast to mobile phones, personal computers (PCs) are structured as user-based systems, with user accounts used for logging in and logging off from the devices. The IT Admins require the capability to remotely add and manage these accounts on the devices.
Although we have PowerShell scripts available to regulate various aspects of user account management, the process involved in creation of a user account may pose a challenge for an average IT administrator. Furthermore, the inconvenience arises from the need to publish a PowerShell script to a profile or group. To mitigate these issues, Scalefusion now provides efficient utilities at the device level, enabling IT administrators to directly and quickly add users as well as take other actions on them.
This document explains the process of adding and managing users on Scalefusion managed Windows Devices, at device level.
Before You Begin
- Device should be enrolled with Scalefusion.
- Scalefusion MDM Agent app's (agent app for Windows) latest version should be installed on the devices.
- Supported Windows OS: Windows 7, 8.1, 10, 11 (Pro, Business, Enterprise, Education and Home editions).
- Users should be subscribed to Enterprise or Business Plan.
Adding User(s)
- Login to Scalefusion Dashboard and navigate to Devices Section
- Click on View Details under the device for which you want to add users. This will take you to the Device Details page.
- Scroll down and click on User Accounts tab.
- To add user, click on Add User.
- The Add User dialog box will be displayed. Here, enter the following:
- User Name: Enter Username
- Password: Enter password. Minimum password length should be 8 characters
- Group: Select the group to which this user belongs, either Standard or Admin
- Hide Account from Logon list: Checking this box will hide the username at the time of login.
- Set this account to Autologin: If this flag is checked, the user will get logged in on the device automatically. To use this feature, user account should be created without password. Else, this feature will remain disabled. Accounts with password cannot be set to autologin.
- Click on Add. The user will be created and displayed on Dashboard.
If a user with the same name already exists, a message will be displayed asking you to choose a different name.
Usernames with more than 20 characters will be truncated upto 20th character with 00, 01, 02 and so on appended in case of similar usernames.
Managing Users
Clicking on Add creates the user on the device.
On the Dashboard, the user is displayed with following details:
- User Name: The user account name.
- Account Type: Account Type can be any of the following:
- Local
- Managed Local (managed local is shown if there is an email value): User accounts created through KeyCard
- Global Admin: Accounts created from Utilities > Global Settings > Windows Settings
- Managed Admin: Service accounts created by Scalefusion MDM agent for using features like KeyCard, Just-In-Time Admin
- Group: The group the user belongs to.
- Last Logged In: The date and time at which the user last logged in to the device.
- Last Logged Out: The date and time at which the user last logged out of the device.
Last Logged In/Out will display as NA if it is a fresh enrolled device
- Actions: Few actions can be taken on the users added. These are explained in next section.
Actions on Users
When you add a user from dashboard, an hourglass will be displayed in front of the username, under actions indicating it is not yet acknowledged by the agent. In other words, it is in the process of creation.
Once acknowledged, following actions can be performed:
Refresh the Dashboard to view the actions
- View User Account Information: Click on the info (i) icon under Actions.
This will bring up a new window displaying all the information on the user. Following details for the user will be displayed:- Username
- SID
- Group Type: Displays Standard, Admin
- Domain Name
- Host Name
- Account Type: Account Type can be any of the following:
- Local
- Managed Local (managed local is shown if there is an email value): User accounts created through KeyCard
- Global Admin: Accounts created from Utilities > Global Settings > Windows Settings
- Managed Admin: Service accounts created by Scalefusion MDM agent for using features like KeyCard, Just-In-Time Admin
- Is Enrolled User
- Is Hidden
- Is Autologin Enabled
Note: The above screenshot is for a local user. If device is connected via Entra (formerly Azure AD), domain name will be displayed accordingly.
- Reset Password: Allows you to reset the password for the user account. To reset,
- Click on the key icon.
- This will open the Password Details dialog box. From here, you can view the current password and reset the password if required.
- Click on the eye icon to view the current password.
- Please enter new password in the password field and click on Reset.
If passcode policy is set, please ensure that the new password meets the policy requirements. Same applies while adding a new user also.
- Click on the key icon.
- Edit Group: Use this option to change the group to which the user belongs, from Standard to Admin or vice-versa. To edit,
- Click on the Change Group icon.
- In the dialog box that opens, select the group from the drop-down and click on Change Group.
- Click on the Change Group icon.
- Delete User: Deletes the user from the device. Deleting the user will remove all the user specific data and apps like user specific downloads, photos or documents and more specifically the user directory. Please note it will not delete files or apps stored at a device level or common location shared across users. Clicking on Delete will bring up a confirmation dialog box. Click on Delete button to delete the user.
You cannot edit a group or delete the user accounts:
a. You have enrolled the device with.
b. Admin account created (if any) from global settings. - Hide/Unhide User Account: This will hide the user account. To hide, click on the eye icon. This will open a confirmation box, click Okand the account will not be visible on the device. Any account once hidden can be unhidden also with the same process.All the actions will be executed on device when it is:
-On
-Online
-Not in sleep mode
Important notes on Actions
Actions are allowed or disallowed depending on the Account Type. For example,
- Managed Admin: No action allowed.
- Managed Local: Reset Passwords will not get displayed.
- Global Admin: Group change and deleting user will be hidden
Add users in Bulk
Users can also be added in bulk from Device Groups / User Groups section. To do so,
- On Scalefusion Dashboard, navigate to Groups > Device / User Groups > Devices
- Click on Actions > General > Add a new User
- Under this, there will be two options. Click on any one:
- Include Subgroups: The user account is added to devices in subgroups also.
- Only this Group: The user account is created on devices belonging to this group only, excluding subgroups.
- In the dialog box that opens, select the Platform on which you want to add the user:
- All macOS devices
- All Windows Devices
- Check both if you want to add to both (a) and (b) above
- Enter rest of the details (same as in Add Users dialog box explained in above section)
- Click on Add
- A confirmation dialog box will be displayed. Click on Ok. Please note the user will not be added to devices on which Scalefusion MDM agent is not installed.
Reports
- From Device Inventory Report, you can fetch the following information on Users:
- Total User Accounts
- Total Admin Accounts
- Total Standard Accounts
- For information on users across all devices, you can use Device User Accounts report.