Granting permissions to individual users or groups
You can grant access to Kaspersky Endpoint Security to individual users or groups. For example, if exiting the application is blocked for the Everyone group, you can grant the Exit the application permission to an individual user. As a result, you can exit the application only if you are logged in as that user or as KLAdmin.
You can use account credentials to access the application only if the computer is in the domain. If the computer is not in the domain, you can use the KLAdmin account or a temporary password.
Open the Kaspersky Security Center Administration Console.
In the console tree, select Policies.
Select the necessary policy and double-click to open the policy properties.
In the policy window, select General settings → Interface.
In the Password protection block, click the Settings button.
This opens a window with Password protection settings.
In the account table, click Add.
In the window that opens, click the Select button.
The standard Select Users or Groups dialog opens.
Select a user or a group in Active Directory and confirm your selection.
In the Permissions list, select the check boxes next to the actions that the selected user or group will be allowed to perform without being prompted for a password.
If a check box is cleared, the users are blocked from performing the action. For example, if the check box next to the Exit the application permission is cleared, you can exit the application only if you are logged in as KLAdmin, or as an individual user who has the required permission, or if you enter a temporary password.
Password protection permissions have some important aspects to consider. Make sure that all conditions for accessing Kaspersky Endpoint Security are fulfilled.
In the main window of the Web Console, select Devices → Policies & Profiles.
Click the name of the Kaspersky Endpoint Security policy.
The policy properties window opens.
Select the Application settings tab.
Go to General settings → Interface.
Under Password protection, in the accounts table, click Add.
In the window that opens, click the Select user or group button.
The standard Select Users or Groups dialog opens.
Select a user or a group in Active Directory and confirm your selection.
In the Permissions list, select the check boxes next to the actions that the selected user or group will be allowed to perform without being prompted for a password.
If a check box is cleared, the users are blocked from performing the action. For example, if the check box next to the Exit the application permission is cleared, you can exit the application only if you are logged in as KLAdmin, or as an individual user who has the required permission, or if you enter a temporary password.
Password protection permissions have some important aspects to consider. Make sure that all conditions for accessing Kaspersky Endpoint Security are fulfilled.
In the application settings window, select General settings → Interface.
In the account table, click Add.
In the window that opens, click the Select user or group button.
The standard Select Users or Groups dialog opens.
Select a user or a group in Active Directory and confirm your selection.
In the Permissions list, select the check boxes next to the actions that the selected user or group will be allowed to perform without being prompted for a password.
If a check box is cleared, the users are blocked from performing the action. For example, if the check box next to the Exit the application permission is cleared, you can exit the application only if you are logged in as KLAdmin, or as an individual user who has the required permission, or if you enter a temporary password.
Password protection permissions have some important aspects to consider. Make sure that all conditions for accessing Kaspersky Endpoint Security are fulfilled.
Save your changes.
As a result, if access to the application is restricted for the Everyone group, users will be granted permissions to access Kaspersky Endpoint Security according to the users' individual permissions.
button.