You can use Role Based Access Control (RBAC) when you configure the account management policy to use Avaya Aura® System Manager as the authentication and authorization source.

System Manager provides centralized RBAC to manage the level of access the system grants to authorized administrators. RBAC simplifies permission management by assigning permissions to reusable roles instead of individual administrators. The System Manager authentication supports Single Sign-On (SSO).

Using RBAC requires that you create roles for each job function. Next, you define the permission level for each EM task in role. Finally, you can then assign roles that match the job function requirements of each administrator.

System Manager includes one default administrator with the name admin, and with the default role of System Administrator. The default administrator has full access to all levels of Avaya Aura® MS EM tasks. When using System Manager for authentication and authorization, administrators, roles, and permissions are configurable only on System Manager.

If you want to use System Manager with Avaya Aura® MS, you must set up a mutual authentication between the servers. After you setup mutual authentication, you must select the Avaya Aura® System Manager option as the authentication and authorization source to use System Manager RBAC and SSO.

Perform the procedures in this section to configure Avaya Aura® MS to use System Manager RBAC and SSO.

For information about configuring administrators and roles when using System Manager for centralized RBAC, see Administering Avaya Aura® System Manager.