0

A fairly simple one. We have a server, we should be doing a scheduled scan. The scan uses a scheduled task which requires a user account, what permissions should that account have? We don't fancy leaving it to run as an administrator.

EDIT: I have set up a user group called "AV Scanner" (or somesuch) which is basically a vanilla user with the power to delete anything. So far this seems to have worked out fine. Could anyone tell me of a scenario where this would prove to be a problem? So far we have no intrusions that I can see but maybe if there were a virus or similar this policy would fail. Does anyone have any further info?

One Monkey
  • 179
  • 1
  • 11
  • @Trozz: I went to McAfee's knowledge base. The answer may be squirreled away somewhere in there but most articles I read referred only to "a user with suitable permissions" without being explicit about what suitable permissions were. Thanks for the suggestion though, I will look into it! – One Monkey Nov 05 '10 at 12:41

2 Answers2

0

I believe don't quote me on this but all the user needs it 'local' admin permissions so that if a something is found it can be deleted.

You 'could' make a generic user account and place it on the local administrator group for the server and have a complicated password.

Could be worth having a look at the McAfee documents, I use this in my environment but don't manage the Antivirus side of it.

trozz
  • 557
  • 2
  • 12
0

Until either a) the scan fails because of the security policy or b) someone here comes up with a better answer, please see my edit to the above question. We've experienced no problems so far.

One Monkey
  • 179
  • 1
  • 11