With RBAC, access and authorization is based more
precisely on a user’s Lync Server role. This enables greater use of the security
practice of "least privilege," granting administrators and users only the rights
that are necessary for their job.
And here is the important info for Lync admins...
RBAC restrictions work only on administrators working remotely, using either the
Lync Server Control Panel or Lync Server Management Shell. A user sitting at a server
running Lync Server is not restricted by RBAC. Therefore, physical security of your
Lync Server is important to preserve RBAC restrictions.
Ram K Ojha
(MCSE, MCTS - LCS
2005, MCTS - OCS 2007, MCTS - U.C. Voice