Kaspersky
Question

Device Control and Active Directory

  • 6 July 2019
  • 6 replies
  • 130 views

I have the same problem in KSC 11. How can I allow one AD group to read and another to read and write?

Link: https://forum.kaspersky.com/index.php?/topic/384391-device-control-users/page/2/

Example: User ABC group Read
User XPTO group Write

6 replies

Userlevel 5
Badge +2
AD groups must contain users, not devices.

Try this options
computer = yourdomain.local



I use 2 groups of users in Active Directory.

GroupReadUsers
GroupReadWriteUsers

That way the read group is not working, just write.

Permission for users in "read group" does not work.
I did the above test.

for users of the ReadWrite group the permission is denied.
The group with write permission can only read.










Group with Read permission, works fine.
Userlevel 5
Badge +2
@fbr0 , did you delete the default group "Everyone"?
@fbr0 , did you delete the default group "Everyone"?

Yes. I edited my answer and inserted images.

Everyone group has been deleted.
Userlevel 5
Badge +2
@fbr0 , check both rules with "Default schedule".

Reply / Ответить