One of the most talked about new features in SCCM 2012 is the ability to create role- based administrators. This feature allows you to easily grant a user a limited subset of administrative rights within SCCM that will allow them to perform their assigned tasks, but prevent them from doing anything beyond that.
SCCM 2012 includes an Endpoint Protection Manager role right out of the box.
This recipe will demonstrate how to add a user or group of users to this role.
The majority of the recipes in this book refer to tasks done on the Central Administration Site (CAS) server, which assumes that your organization has one. Smaller organizations may only have a single primary site server. If that is the case for you, then simply perform the task on your primary site server as if it was a CAS server.