Jay Paloma's Tech and Music Blog

Sometimes, this writer can no longer distinguish between the two.

Understanding RBAC in Configuration Manager

with one comment

Role based access control in Configuration Manager 2012 R2 requires understanding on these three


  • Active Directory Groups are used to grant the Security Roles in Configuration Manager. Although User Accounts can be used as well, the best practice is that Active Directory Groups are assigned the permissions, and meanwhile user accounts can be added or removed from the AD Groups according to the needs of Configuration Manager
  • Security Roles assigns permitted operations on specific Configuration Manager objects.
  • Security Scopes are used to assign which instance of a specific object are the operations un Security Roles be performed. For example, without Security Scopes, a Security Role that could manage Distribution Points has the ability to perform the required operations on all DPs. However with Security Scopes, the operations could be limited to specific Distribution Points




Written by jpaloma

January 1, 2015 at 2:59 PM

Posted in Microsoft

Tagged with ,

One Response

Subscribe to comments with RSS.

  1. […] Part 1: Understanding RBAC in Configuration Manager […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: