About using accounts to start tasks

You can specify the account to run the following Kaspersky Security for Windows Server tasks:

• Rule Generator for Applications Launch Control
• Rule Generator for Device Control
• On-Demand Scan
• Update

By default, these tasks are run using system account permissions.

A different account with proper access permissions is recommended in the following cases:

• Update task: if you specified a public folder on a different device on the network as the update source.
• Update task: if you use a proxy server with built-in Windows NTLM authentication to access the update source.
• On-Demand Scan tasks: if the system account does not have permission to access the scanned objects (for example, files in shared folders on the protected device).
• Rule Generator for Applications Launch Control task: if the generated rules are exported to a configuration file that the system account cannot access (for example, in a shared folder on the protected device).

You can run Update, On-Demand Scan, and Rule Generator tasks with system account permissions. Kaspersky Security for Windows Server performs these tasks and accesses shared folders on another device in the network if this device is registered in the same domain as the protected device. In this case, the system account must have access permissions for these folders. Kaspersky Security for Windows Server accesses the device using permissions for the account <domain name \ device_name>.