EMS is a great way to get work done with Exchange as long as you don’t mind grappling with the command-line interface. If no control were exerted, you could do massive damage to an Exchange organization with EMS, such as selecting all the mailboxes in a database and removing them with a single line of code. Only the people who need to control the full scope of the organization should be able to take such drastic action. Traditionally, control is given through permissions and privileges. Exchange takes a different approach and adopts the RBAC model. All administrators need a solid grounding in RBAC and its implementation in Exchange, and that’s the next subject of discussion.