Hi @all,
I am a little bit confused about the Security Upgrade Best Practices (http://technet.microsoft.com/EN-US/library/hh575192.aspx). It is recommended to use shipped Microsoft roles as nested roles in newly created custom roles.
Is it somehow possible to restrict this role (by for example disabling duties) without changing the original role? Or can you just extend (not restrict) this role in the new role?
I have not found yet a satisfying solution for this problem. Is there any best practice approach for restricting original MS roles or can you just do this by copying the role without the possibility of future updates in the role?
Thank you very much in advance for your answers, Ben