While Network Configuration Manager supports detailed security control on user access, it also has the ability to almost emulate role-based access through the use of Groups.

A user role can easily be mapped to a Group, which can be assigned the appropriate permissions to the existing concrete resources. The choice of concrete resources assists to restrict access to only those resources that are useful in Managed Service Provider environments.

Assigning roles to users and groups can be achieved by making them members of the group representing the role.
Note: After new concrete resources come into existence, they must be explicitly associated to these role groups before they show the desired authorization behavior.