rzen said:

Post Editor and Page Editor roles are identical (in Roles > Options > RS Role Definitions). Users should be able edit published posts/pages but NOT publish new posts/pages. While this works correctly for posts, users can still publish new pages straight to live site. All users are WP Editors because they need to be able to see/edit other's pages/posts. Thoughts?

The RS Role Definitions affect what capabilities users get when you assign them supplemental roles (General, Category, Post or Page Roles). The RS Role Defs also affect how Restrictions get applied to blog-wide WP roles.

But removing capabilities from the RS Role Defs does not, in itself, affect your users' blog-wide WP role. If you want to take some capabilities away from all Editors, you should modify that WP Role Def directly. You can do so with Capability Manager. The newly minted Role Scoper 1.1-RC1 also adds the option to synchronize RS and WP roles, making the RS Role Defs tab work more like what you may have envisioned.

From what you've told me of your implementation, the simplest configuration would:

• Use Cap Manager to strip the WP Editor role down to nothing but the "read" capability (although capabilites unrelated to Posts/Pages don't matter)
• Use Roles > Pages to give the [WP Editor] group a Page Editor role for every existing page. Be sure to set assignment mode to "Selected and sub-pages"
• Repeat for posts

If for some reason you must keep the WP Editor role intact, your end goal can also be accomplished by setting a default Restriction on the Page Contributor, Page Author and Page Editor roles (and likewise for Posts). But then you don't have the safe default fallback of zero editing access if Role Scoper gets deactivated.