Role Based Administration in SCCM

It has been a while since I had written a blog post . Well , in this post we will talk about Role Based access control in SCCM which is a very handy feature .

Before we start with the lab , we should know what exactly in RBAC in SCCM . By using RBAc feature we can give specific access level to a user or a group. Let us say that we want a group of users to have access to reports only and he should not be able to do anything else / modify anything in SCCM , then we will use RBAC to create such access .


In this example , we will create a group and then add a user to it . then we will create a new access in SCCM who will not have access to even read Migration Jobs in SCCM .

Step 1 : Create a Active Directory Group :


I created a Group in \Active Directory and named it as Abheek Demo . After you have created the group , add a member to it .

SCCM Group


Add member to this group :

Add User


Now that we have created a group in Active Directory , added a user to it , let us move to SCCM Server :

Go to Administration and then Security Roles:



Now to create a new Access role in SCCM right click on any of the access roles and then click copy role



In the Permissions , set the following :



Now , Go to Administrative users and then create / Add new user or group and fill in the credentials . 



Now Add the Ad group and the role that we have created in the above post and then click ok.


Now log into the SCCM Using the user who is a part of that Group .



See the below figure , you cannot see the Migration jobs here :



Now login as admin and you can see the Migration Jobs :






Published by Abheek Dutta

A perennial thrill-seeker with an avid interest in transforming and improving lives around the globe through the wonderful gift of technology, I am the Senior Vice President of Henson Group . My specialties include Leadership, problem-solving, and putting cutting-edge technology (Cloud, Artificial Intelligence, Machine Learning) in the hands of corporates, startups, and professionals. I have been obsessed with the idea of using technology to solve real-world problems. Having previously worked with global software giants like TCS and IBM, I now usually sit at my office at the World Trade Center, New York and Chandigarh , India. Among my greatest achievements, increasing the revenue of Henson Group by ten-folds in the past two years, remains my favorite along with the fact that Henson Group’s India center has now become ‘a center of excellence’ with its entire technical team being Microsoft certified. On the delivery side, I helped Henson Group attain the prestigious “ Azure Expert MSP Certification “ with Microsoft . Hailing from Jammu, my team has grown from five to 150 employees and associates in just two years. Even during COVID-19 era, our growth has soared while helping corporates, industries and startups to tide over many hurdles and challenges. Henson Group is recently featured at rank 132 in the Inc. 5000 Rating. Skillsets: Cloud Services, Managed Services Provider (MSP), Computers & Networks, Artificial Intelligence, Machine Learning, Project management, Leadership , Cyber Security Mr. Dutta manages and monitors the performance of consultants and partners on engagements, communicating with the account executive, project teams, and customers. Works in close collaboration with the Microsoft project manager, providing hands-on project management expertise as required. Mr. Dutta provides direct oversight over the MSP Client Operations team responsible for managing MSP relationships with existing MSP clients and day to day operations of these accounts. Mr. Dutta oversees the Centralized Delivery Team that is responsible for high volume cloud migrations and MSP delivery to current clients. Team consists of over 120+ engineers and project managers.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: