Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
APPLIES TO: 
2015
2019
Subscription Edition
Skype for Business Server includes Role-Based Access Control (RBAC) groups to enable you to delegate administrative tasks while maintaining high standards for security. These groups are created during forest preparation. For details about forest preparation, see Active Directory Domain Services for Skype for Business Server. For details about the specific groups created by forest preparation, see Changes made by forest preparation in Skype for Business Server in the Deployment documentation.
With RBAC, administrative privilege is granted by assigning users to predefined administrative roles, including the 11 predefined roles that cover many common administrative tasks. Each role is associated with a specific list of Skype for Business Server Management Shell cmdlets that users in that role are allowed to run. You can use RBAC to follow the principle of "least privilege," in which users are given only the administrative abilities that their jobs require.
More details on RBAC roles can be found at Planning for role-based access control.