Configuring user permissions

This section provides information related to Kaspersky Endpoint Agent for Windows. This information may be partially or completely inapplicable to Kaspersky Endpoint Agent for Linux. For complete information about Kaspersky Endpoint Agent for Linux, please refer to the Help of the solution that includes the application: Kaspersky Anti Targeted Attack Platform or Kaspersky Managed Detection and Response.

You can grant access to Kaspersky Endpoint Agent to individual users or groups of users. As a result, only specified users will be able to manage settings or services of the application.

To configure user permissions:

Do one of the following:
- Open the application properties window for an individual device.
  1. In the main Kaspersky Security Center Web Console window select Devices → Managed devices.
  2. Select the device.
  3. In the <Device name> window that opens, select the Applications tab.
  4. Select Kaspersky Endpoint Agent.
  5. In the window that opens, select the Application settings tab.
- Open the policy properties window.
  1. In the main Kaspersky Security Center Web Console window select Devices → Policies and profiles.
  2. Select the policy you want to configure.
  3. In the <Policy name> window that opens, select the Application settings tab.
In the Application settings section select the Security settings subsection.

In the User permissions for application service management group of settings, click the Configure button next to the name of the required setting (User permissions for application management or Configure user permissions for application management).

To add users and user groups, specify the security descriptor strings using the Security Descriptor Description Language (SDDL).

If you configure the policy settings, in the upper right corner of the group of settings, change the switch from Undefined to Enforce.
Click OK.
Click the Save button.