It has been a while since I had written a blog post . Well , in this post we will talk about Role Based access control in SCCM which is a very handy feature .

Before we start with the lab , we should know what exactly in RBAC in SCCM . By using RBAc feature we can give specific access level to a user or a group. Let us say that we want a group of users to have access to reports only and he should not be able to do anything else / modify anything in SCCM , then we will use RBAC to create such access .

 

In this example , we will create a group and then add a user to it . then we will create a new access in SCCM who will not have access to even read Migration Jobs in SCCM .

Step 1 : Create a Active Directory Group :

 

I created a Group in \Active Directory and named it as Abheek Demo . After you have created the group , add a member to it .

SCCM Group

 

Add member to this group :

Add User

 

Now that we have created a group in Active Directory , added a user to it , let us move to SCCM Server :

Go to Administration and then Security Roles:

Capture

 

Now to create a new Access role in SCCM right click on any of the access roles and then click copy role

12

 

In the Permissions , set the following :

Migration

 

Now , Go to Administrative users and then create / Add new user or group and fill in the credentials . 

SCCM RBAC

 

Now Add the Ad group and the role that we have created in the above post and then click ok.

 

Now log into the SCCM Using the user who is a part of that Group .

2

 

See the below figure , you cannot see the Migration jobs here :

3

 

Now login as admin and you can see the Migration Jobs :

4

 

 

 

 

Advertisements