The customer had Defender for Endpoint Plan 2 enabled in the past with RBAC turned on.

They downgraded to Defender for Business.

There is no access to roles now and basic roles (Security Reader) doesn't work as expected anymore; no access to incidents etc.

What can be done about it? Is there any way to turn the RBAC off? In theory, the product is not working as expected - only DfE Plan 2 is RBAC enabled, so no access to RBAC in DfB and we are stuck in the loop.