Unified RBAC enabled by default for new Microsoft Defender for Office 365 tenants

Starting May 30, 2026, new Microsoft Defender for Office 365 Plan 2 tenants will have Unified RBAC enabled by default, offering centralized, granular access control. Existing tenants remain unchanged but can opt in anytime. Administrators should review roles and update documentation for new tenants accordingly.

[Introduction]

We’re improving the security and consistency of permissions management in Microsoft Defender for Office 365. Starting May 30, 2026, all newly created Microsoft Defender for Office 365 Plan 2 tenants will use the Defender XDR Unified role-based access control (Unified RBAC) model by default. This change streamlines role management and provides more granular, centralized access controls across security workloads. Existing tenants prior to this date are not affected.

[When this will happen]

• Public Preview: Late May 2026 – mid‑June 2026
• General Availability: Late May 2026 – mid‑June 2026

[How this affects your organization]

Who is affected

• Administrators managing new Microsoft Defender for Office 365 Plan 2 tenants
• Tenants that receive Plan 2 (or equivalent) licensing after May 30, 2026
• Existing tenants are not affected

What will happen

• Unified RBAC will be enabled by default for all newly created Microsoft Defender for Office 365 Plan 2 tenants.
• Administrators will use Unified RBAC roles alongside Microsoft Entra roles to manage access in the Microsoft Defender portal.
• Existing tenants keep their current permission model without changes or required action.
• There is no user impact.
• Existing tenants may optionally adopt Unified RBAC at any time to benefit from improved permission granularity and centralized permission management.

[What you can do to prepare]

For organizations creating new tenants or assigning Plan 2 licenses after May 30, 2026:

• Review available Unified RBAC roles to ensure permissions align with your security and IT operational requirements.
• Update internal deployment and onboarding documentation for teams responsible for new tenant provisioning.
• Familiarize administrators with Unified RBAC role management in the Microsoft Defender portal.
• Share the following resources with security and IT teams:
  • Create custom roles with Microsoft Defender XDR Unified RBAC | Microsoft Learn
  • Map Microsoft Defender XDR Unified RBAC permissions | Microsoft Learn
  • Microsoft Defender XDR Unified role-based access control (RBAC) | Microsoft Learn

No action is required for existing tenants unless you choose to adopt Unified RBAC.

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.