Microsoft Exchange RBAC is a role-based access control permissions model used in Exchange Server 2010 and Exchange Server 2013.
First introduced in Exchange 2010, the Role Based Access Control permissions model is comprised of roles and role groups. A role is defined by a set of tasks an Exchange administrator can perform. A role group is a collection of roles. When an Exchange administrator is assigned a role, he has permission to accomplish the tasks allowed within that role. Because many administrators have numerous responsibilities, however, they can be assigned role groups. A role group provides the administrator with permission to accomplish the tasks defined by the various roles contained within a specific role group.
Exchange Server 2010 and Exchange 2013 contain numerous predefined roles and provide administrators with the ability to define custom roles. Roles are assigned through the Exchange Management Console (EMC) in Exchange 2010 and the Exchange Administration Center (EAC) in Exchange 2013. Roles may be delegated through the Exchange Management Shell (EMS) as well.