Rights to install or uninstall Kaspersky Embedded Systems Security for Windows
The account specified in the remote installation (removal) task must be included in the administrators group on each of the protected devices in all cases except those described below:
- If the Kaspersky Security Center Network Agent is already installed on the protected devices on which Kaspersky Embedded Systems Security for Windows is to be installed (regardless of which domain the protected devices are in or whether they belong to any domain).
If the Network Agent is not yet installed on the protected devices, you can install it with Kaspersky Embedded Systems Security for Windows using a remote installation task. Before installing the Network Agent, make sure that the account you want to specify in the task is included in the administrators group on each of the protected devices.
- All protected devices on which you want to install Kaspersky Embedded Systems Security for Windows are in the same domain as the Administration Server, and the Administration Server is registered as the Domain Admin account (if this account has local administrator rights on the protected devices within the domain).
By default, when using the Forced installation method, the remote installation task is run from the account running the Administration Server.
When working with group tasks or with tasks for sets of protected devices under forced installation (uninstallation) mode, an account must have the following rights on the protected device:
- Right to execute applications remotely.
- Rights to the Admin$ share.
- Right to Log on as a service.
