I was just revising Exchange 2010 concepts so thought of sharing about RBAC as it confuse many individuals.
Role Base Access Control is introduced in exchange 2010 & is not available in previous versions.
This brings granular control over Exchange .
To understand better let me share a small diagram :-
Where --> SCOPE ------> It can be OU,group etc this is the first thing that comes when planning RBAC.
What --> ROLE ------> What the task will be performed. (Exchange 2010 come with 65 built-in Roles, you also have the option of creating cutom Roles)
Who --> ROLE GROUP ------> Who will perform actions , may be a particular group.
GLUE ---> ROLE ASSIGNMENT ----> This binds above three together
RBAC has made life easy for exchange admins as they no longer need to create/modify ACL's for assigning particular permissions to users/group (For example :- helpdesk Specialists)
This is the refrence from the book I am studying , after reading the explanation I was forced to share it on my blog.