Access to Kaspersky Embedded Systems Security functions via the command line is provided to users in accordance with their roles. A role is a set of rights and privileges for managing the application.
The four groups of system users are created in the operating system: kessadmin, kessuser, kessaudit, and nokess. When you assign an application role to a system user, the user is added to the corresponding group (see the Roles table below). When you revoke a role from a user, this user is removed from the corresponding group.
If no application role is assigned to a system user, that user belongs to a separate group of users without rights.
Thus, the roles correspond to the four groups of operating system users:
User roles
Role name |
Role in application |
OS user group |
Permissions |
|---|---|---|---|
Administrator |
admin |
kessadmin |
Managing application settings and task settings in the graphical interface of the application and on the command line without using the Managing application licensing. Revoking user roles (the administrator has no right to revoke the admin role from self). View and manage users' Storages. |
User |
user |
kessuser |
Manage only user file scan tasks. Start and stop Update tasks. View reports for the tasks created by this user. View specific events that are common for all application users. |
Auditor |
audit |
kessaudit |
Viewing application settings View application status. View all tasks, their settings, and start schedules. View all events. View all objects in Backup. |
— |
— |
nokess |
No role is assigned in the application, no permissions. |