They can contain many different types of nested objects such as: Management role groups are actually "Special Universal Security Groups (USG)".
An example of a management role group is the Discovery Management RBAC role group, one that is used to grant users the ability to use the Multi-Mailbox Search feature. There are pre-defined Management role groups that come with Exchange 2010, and ones you can create yourselves. Management role groups associate management roles with groups of administrators or specialist users. There are 7 core components you need to understand in RBAC: RBAC enables you to more closely align the roles you assign to users and administrators to the actual roles they hold within your organization without having to modify ACL's! We now have whats called RBAC (Role Based Access Control). In Exchange 2010 the Microsoft Exchange Team has completely changed the way the permission structure works. Large enterprise companies needed to modify ACL's to keep their delegation of administrative structure in place. Also troubleshooting problems that occurred due to ACLs being used in a nonstandard way can be very time consuming. ACL's create many challenges when modifying permissions on mailboxes and active directory attributes especially when upgrading exchange versions, you need to ensure ACL modifications are maintained. In previous versions of Exchange such as 2000/20 the permissions were all done using ACLs (Access Control Lists).
0 kommentar(er)
