To enable Kaspersky Security Center Web Console perform its background tasks, you have to establish a background connection between Kaspersky Security Center Web Console and Administration Server. You can establish this connection only if your account has the Modify object ACLs right of the General features: User permissions functional area.
If you install plug-in of Kaspersky Endpoint Security for Windows 12.6, or if you update the Kaspersky Endpoint Security for Windows plug-in from the version earlier than 11.7 and a background connection is not established yet, a notification is displayed that you have to establish a background connection. Also, you will have to grant the service account with the rights of the General features: Operations on Administration Server functional area.
To establish a background connection:
The background connection between Kaspersky Security Center Web Console and Administration Server is established. Administration Server creates an account for the background connection and this account is used as a service account to maintain interaction between Kaspersky Security Center and another Kaspersky application or solution. The name of this service account contains the NWCSvcUser prefix.
Administration Server automatically changes the password of the service account once every 30 days, for security reasons. You cannot delete the service account manually. Administration Server deletes this account automatically when you disable a cross-service connection. Administration Server creates a single service account for each Administration Console and assigns all the service accounts to the security group with the name ServiceNwcGroup. Administration Server creates this security group automatically during the Kaspersky Security Center installation process. You cannot delete this security group manually.