User roles
19 January 2023
ID 197942
Access to Kaspersky Endpoint Security functions is provided to users in accordance with their roles. A role is a set of rights and privileges for managing the application.
Four groups of system users are created in the operating system: kesladmin, kesluser, keslaudit, and nokesl. When you assign an application role to a system user, this user is added to the corresponding group of roles (see the Roles table below). When you revoke a role from a user, this user is removed from the corresponding group of roles.
If no application role is assigned to a system user, that user belongs to a separate group of users without privileges.
Thus, the roles correspond to the four groups of operating system users:
- kesladmin – the Administrator role
- keslusrer – the User role
- keslaudit – the Auditor role
- nokesl is assigned to a user if no other roles are assigned. In this case, the user belongs to a separate group of users without privileges
Three Kaspersky Endpoint Security roles and their permissions are described in the table below.
Roles
Role name | Role in application | OS user | Permissions |
---|---|---|---|
Administrator | admin | kesladmin | Manage all application and task settings. Manage application licensing. Assigning roles to users. Revoking user roles (the administrator has no right to revoke the admin role from himself). View and manage users' Storages. |
User | user | kesluser | Manage only Scan_File tasks. Start and stop Update tasks. View reports for the tasks created by this user. View specific events that are common for all application users. |
Auditor | audit | keslaudit | View application settings. View application status. View all tasks, their settings, and start schedules. View all events. View all objects in the Storage. |
— | — | nokesl | No Kaspersky Endpoint Security role is assigned, no privileges. |