I’ve been using powershell with Configuration Manager recently and I’ve been looking at security roles. If you’re looking to create your own security roles with powershell and you don’t already have a template, you’ll first need to copy one of the existing roles to get started. To do this you need to know the role ID for the source security role, these aren’t so easy to find so here you go:
|Remote Tools Operator||SMS0003R|
|Compliance Settings Manager||SMS0006R|
|Application Deployment Manager||SMS0007R|
|Operating System Deployment Manager||SMS000AR|
|Software Update Manager||SMS000CR|
|Endpoint Protection Manager||SMS000GR|
You’ll want to use these with the Copy-CMSecurityRole powershell command. Keep an eye out for some scripts which I plan to make available soon which should make your ConfigMgr life a little easier.