Problem Today,

when a user is removed from an environment's security group or when a licensing / Power Platform assignment change affects that user, Dataverse automatically disables the user account and removes their security roles (e.g., Basic User, Environment Maker). This happens silently: there is no email, no Admin center alert, and no Service Health notification to the environment or tenant administrator.

Requested feature

1. Send a proactive notification (email + Power Platform Admin center + Microsoft 365 Service Health) to environment admins whenever a change to licensing, environment security-group membership, or business-unit assignment triggers automatic removal or disabling of security roles for one or more users — with special emphasis on bulk changes affecting many users at once.
2. The notification should include: trigger source / operation type, number of users affected, exact timestamp, and the impacted environment.
3. (Optional) An admin setting to require confirmation before bulk, sync-triggered role removals take effect, or to set a threshold (e.g., alert/hold if >X% of users would be affected).

Why it matters

• Silent bulk role removal causes immediate, organization-wide outages with zero warning.
• The 30-day Entra log retention means impact is often discovered only after the audit trail expires, making RCA impossible.
• A simple notification would let admins react within minutes instead of days and dramatically reduce downtime and support load.