About roles

A role is a set of rights and privileges for managing Kaspersky Endpoint Security.

In an operating system, four groups of system users are created: kesladmin, kesluser, keslaudit, and nokesl. When you assign a Kaspersky Endpoint Security role to a system user, this user is added to the corresponding role group (see the Roles table below). When you revoke an application role from a user, this user is removed from the corresponding role group.

If no Kaspersky Endpoint Security role is assigned to a system user, such user belongs to a specific group of users without privileges.

Three Kaspersky Endpoint Security roles and their permissions are described in the table below.

Roles

Role name

Role in application

System user

Permissions

Administrator

admin

kesladmin

  • Manage all application and task settings
  • Manage application licensing
  • Assign any role to any user
  • Revoke any role from any user (Administrator cannot revoke the admin role from himself)
  • View and manage users' Storages

User

user

kesluser

  • Manage only Scan_File tasks
  • Start and stop the Update tasks
  • View reports for tasks that he/she created
  • View specific events that are common for all application users

Auditor

audit

keslaudit

  • View application settings
  • View application status
  • View all task, their settings and schedules
  • View all events
  • View all objects in the Storage

nokesl

No Kaspersky Endpoint Security role is assigned, no privileges.

Page top