Role-based access control (RBAC) provides control for access and authorization. Users are granted permission based on defined roles. The administrator can create user roles that are based on job functions to allow users appropriate system access. RBAC places limitations on each role’s permissions to allow you to partition tasks. You can assign each user only a single role. Several users can have the same role. A user role authenticates and authorizes a user at login and places the user in EXEC mode. Each user role assigns permissions that determine the commands that a user can enter, and the actions a user can perform. RBAC provides an efficient way to administer user rights.