The basis for role-based access control is to provide a specific set of permissions and actions allowed to a group. For those familiar with Exchange RBAC, it should be apparent that the Lync version is not nearly as flexible. Exchange 2010 administrators can define the exact cmdlets and attributes allowed for each management role. With Lync Server 2013, administrators can only base new roles on an existing template. Individual cmdlets cannot be added or removed. Assignment of a management role can be done only by placing user accounts within a security group.