What is a role?
Roles are "Permission Sets" that you give to the administrators and users in your domain system so that they can or cannot perform tasks on your domain system.
Roles are primarily split up into two categories "Administration Roles" and "User Roles".
What is an administration role?
Administration Roles are "Permission Sets" that should only be given to employees that have been educated by you or by an accredited institution on how to properly operate your domain system.
What is a custom administration role?
There are several tasks that a System Administrator must complete in their day to day operations and some of those tasks can be dedicated out to other people so that they can focus on more critical tasks. For instance you have several users that have suddenly forgotten their passwords and they need to get into their accounts right away, instead of having your System Administrator stop what they are doing and change the passwords for these users you can create a "Custom Administration Role" for an employee in your domain and set the role to have permission to reset passwords.
What is a user role?
User roles are "Limited Permission Sets" that should be given to all your basic users that have no training in System Administration by you or by an accredited institution.
What is a custom user role?
Depending on your organization or as the need arises you may need to create different user roles. For example, you could have the majority of your users set to have little or no system domain permissions, but for you want some of your users to be able to delegate personal contacts. In this instance, you would create a "Custom User Role" and assign the permission to delegate contacts for all employees in that role.