Components of Role Based Access Control
Let's first review the components of Role Based Access Control (RBAC)
- The management role group: This is a universal security group (USG), which is flagged to be used by RBAC and contains mailboxes, users, and other USGs. This is used for role assignment.
- The management role: A management role is a container object that stores a list of cmdlets or scripts for a specific task in Exchange, for example, recipient management. The list of cmdlets and scripts are called as management role entries.
- The management role scope: This is an object that defines the scope on which the management role can have an impact. For example, it could be users within a specific group or organizations unit, a filtered list of databases, servers, or recipients.
- The management role assignment: This is an object that glues together a management role with a role group and scope. Management role assignments are created when we assign a role to a role group and a scope, which...
