Enterprise 11: RBAC on user management

Access is deny-all and allow by exception based on roles, domains as defined in RBAC. Only those users with access to User Management can manage users in system.

This permission is further divided into the following subpermissions:

Create Users
Only those users with this permission can create new users from the Control Room.
Edit Users
Only those users with this permission can update existing users from the Control Room.
Delete Users
Only those users with this permission can delete existing users from the Control Room.

Authorized users assign various combinations of these access permissions to different sets of users and roles based on the business requirements.