Is there a list somewhere of the ConfigMgr 2012 Security Roles, the Permissions each group has and the Individual Permissions for each group somewhere?
Can I use Role-Based Administration to Explicitly Deny Access to Objects?
Can I use Groups rather than individual User Accounts in ConfigMgr 2012 to control Security?
Do I have to install an additional ConfigMgr Site if I want different Security settings?
Do I need to Configure Security at each ConfigMgr Site?
Do I have to configure anything with RBA to use ConfigMgr “Out-of-the-box”?
What is Role-Based Administration?
How is Security implemented in ConfigMgr?