It has been a while since I had written a blog post . Well , in this post we will talk about Role Based access control in SCCM which is a very handy feature .
Before we start with the lab , we should know what exactly in RBAC in SCCM . By using RBAc feature we can give specific access level to a user or a group. Let us say that we want a group of users to have access to reports only and he should not be able to do anything else / modify anything in SCCM , then we will use RBAC to create such access .
In this example , we will create a group and then add a user to it . then we will create a new access in SCCM who will not have access to even read Migration Jobs in SCCM .
Step 1 : Create a Active Directory Group :
I created a Group in \Active Directory and named it as Abheek Demo . After you have created the group , add a member to it .
Add member to this group :
Now that we have created a group in Active Directory , added a user to it , let us move to SCCM Server :
Go to Administration and then Security Roles:
Now to create a new Access role in SCCM right click on any of the access roles and then click copy role
In the Permissions , set the following :
Now , Go to Administrative users and then create / Add new user or group and fill in the credentials .
Now Add the Ad group and the role that we have created in the above post and then click ok.
Now log into the SCCM Using the user who is a part of that Group .
See the below figure , you cannot see the Migration jobs here :
Now login as admin and you can see the Migration Jobs :
