Revoking local administrator rights

Support

Support for business applications

Kaspersky Security Center 15 Linux

Managing users and user roles

Revoking local administrator rights

1 July 2024

ID 275021

Get as PDF

Expand all | Collapse all

You can revoke local administrator rights from accounts. This provides you with an extra layer of control of user accounts. For example, you can revoke local administrator rights after a one-time assignment is complete.

When this task is run, the specified local account is checked to see whether it belongs to local administrator groups.These groups are defined in the Network Agent policy settings. You may customize the list of local administrator groups in the Network Agent policy settings. You can also check the list of privileged user accounts using the Report on privileged device users (Linux only).

This task may be performed only on Linux devices.

To revoke local administrator rights on specific devices:

In the main menu, go to Assets (Devices) → Tasks.
Click Add.
The New task wizard starts.
In the Task type field, select Revoke local administrator rights (Linux only).
Select one of the following options:
- Assign task to an administration group
  The task is assigned to devices included in an administration group. You can specify one of the existing groups or create a new one.
  
  For example, you may want to use this option to run a task of sending a message to users if the message is specific for devices included in a specific administration group.
- Specify device addresses manually or import addresses from a list
  You can specify DNS names, IP addresses, and IP subnets of devices to which you want to assign the task.
  
  You may want to use this option to execute a task for a specific subnet. For example, you may want to install a certain application on devices of accountants or to scan devices in a subnet that is probably infected.
- Assign task to a device selection
  The task is assigned to devices included in a device selection. You can specify one of the existing selections.
  
  For example, you may want to use this option to run a task on devices with a specific operating system version.
The Revoke local administrator rights(Linux only) task is created for the specified devices. If you selected the Assign task to an administration group option, the task is a group one.
At the Task scope step, specify an administration group, devices with specific addresses, or a device selection.
The available settings depend on the option selected at the previous step.
At this step of the wizard, specify the following settings:
- In the Operating mode settings group, select the operating mode:
  - Revoke local administrator rights from listed accounts
    If this option is selected, local administrator rights will be revoked from the specified local accounts.
    
    By default, this option is selected.
  - Exclude listed accounts from local administrator rights revocation
    If this option is selected, local administrator rights will be revoked from all local accounts, except the specified ones.
    
    By default, this option is not selected.
- Specify the local accounts:
  - Click Add.
  - In the window that opens, do the following:
    - In the Account name field, specify the name of the local account.
    - In the Account action settings group (available only if the Revoke local administrator rights from listed accounts option is selected), select the action.
    - Keep account
      If this option is selected, the local account is not deleted after local administrator rights are revoked.
      
      By default, this option is selected.
    - Delete account
      If this option is selected, the local account will be deleted regardless of whether it has local administrator rights.
      
      By default, this option is not selected.
At the Finish task creation step, click the Finish button to create the task and close the wizard.
If you enabled the Open task details when creation is complete option, the task settings window opens. In this window, you can check the task parameters, modify them, or configure a task start schedule, if necessary.
In the task list, select the task you created, and then click Start.
Alternatively, wait for the task to launch according to the schedule that you specified in the task settings.

When the revoke local administrator rights task is completed, the local administrator rights are revoked from the specified local accounts on the specified devices.

Kaspersky Endpoint Security for Linux: High protection without performance compromising

Detects and blocks advanced threats. Buy as part of Endpoint Security for Business Advanced.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.