Organizations can build on the default RBAC roles by creating their own custom roles. To create a new role, use the following steps:
1. Create a security group with the same name as what the role will be named.
2. Identify a preexisting RBAC role that contains most of the cmdlets required for the new role. It will serve as a template for the new role.
3. Decide on a Lync server scope for the new role. This can be a global site, a single site, or multiple sites.
4. (Optional) Decide on an organization scope for the new role. A role can be limited to affect only user accounts within a specific OU in Active Directory.
To create a new RBAC role, use the following syntax within the Lync Management Shell:
New-CsAdminRole -Identity ...