Microsoft teams rooms and intune
An image of the New project page in Windows Configuration Designer, where you add a project name, browse for the project folder, and add a description. In the package definition, you can specify some rules for the computer name. There are two areas selected: the “Device name” field and the “Configure devices for shared use” section, with the toggle set to “No”.
Select Next. A screenshot of the “Set up network” page from the left menu in Windows Configuration Designer, with the “Set up network” toggle set to “Off”. You can use a DEM account, or any other account that has rights to gather the bulk token. During the enrollment, a new account will be created. Note the token expiration date in the Bulk Token Expiry field and select Next. In Intune, we see the new, corresponding enrollment account that Windows Configuration Designer created. Note : The account that was used for the token request is not stored in the package.
A cropped image of the package as a new profile in Intune the Endpoint Manager admin center. For our example, we do not need to add any apps and there are no certificates, either. Select Next to continue to the Finish page, review the summary, and then select Create to generate the package.
A cropped image of the Finish page, showing the “copied to” location of the new package we just created. An image of the package file in a local directory. From the Windows Start menu, select Settings and then sign in with a local Administrator account if you are not already signed is as a local Admin.
Screenshot of the Windows Settings “Access work or school” menu, with the option “Add or remove a provisioning package” selected. A screenshot of the Windows Settings “Provisioning packages” window with the option “Add a package” selected. An image of the User Account Control pop-up dialog that says “Do you want to allow this app to make changes to your device? A dialog opens, confirming that the package is from a trusted source. Additionally, it shows you the information about the changes that will be made to the system.
To continue with the installation, select Yes, add it. An image of the dialog “Is this package from a source you trust? A screenshot showing the dialog “You’re about to be signed out: Windows will shut down in 1 minute”. Note: If you install a provisioning package on a device which is already in use, but not enrolled in Intune, it does not reset the system. Windows applies the new settings, renames the computer, and joins the device to Azure AD, if specified. Furthermore, enrollment accounts used by the provisioning process do not assign a primary user for the device.
What do we need? At the end, the group should like this: That is, it for the Azure AD group. Next, we go to create a Compliance policy. Compliance policy To get an insight if your active Microsoft Teams Rooms are still compliant, you can create a Compliance policy. Windows applies the new settings, renames the computer, and joins the device to Azure AD, if specified. Furthermore, enrollment accounts used by the provisioning process do not assign a primary user for the device.
The only way to enroll a new Teams Rooms device during setup is to use a provisioning package. You can use the package we built in our example and copy it to a USB drive in the root folder.
Setup will find the file and will continue with the enrollment. For more information, see Apply a provisioning package. Important: Windows Autopilot enrollment is not supported for Teams Rooms devices. If you have completed a new installation or have enrolled an existing device with a provisioning package, the User Account Control dialog will not show the local Administrator account anymore in your Teams Rooms settings.
For example, you will sign in with the account. There are several ways to enroll Teams Rooms Windows devices in Intune. However, instead of using these accounts and the manual steps they require, you can use a provisioning package to enroll Teams Rooms devices in Intune. If you do decide to enroll Teams Rooms devices with a resource account, remember that the account still has resource access to certain services. For new installations of Teams Rooms, you can apply a provisioning package during the OOBE phase of the setup process.
After completion, the device is already enrolled in Intune. We hope this post helps you better understand the different options for enrolling Teams Rooms devices in Intune. Screenshot showing a dynamic membership rule with the following rule syntax: device. Check if the computer name follows a standard. Using a resource account to register Teams Rooms devices is a manual process.
On the device user interface, select More … and then select Settings. Image of the Teams UI showing the “More” option with an ellipsis icon.
Image of the Teams UI showing the “Settings” option with a gear icon. In the Settings menu, choose Windows Settings and you will be prompted to sign in with an Administrator account again. Save and exit Teams. Image of the Settings menu in Teams, showing the “Windows Settings” option on the bottom left. From the Windows Start menu, open Settings , select Accounts , and then select Access work or school. On the Set up a work or school account dialog, under Alternate actions , select Join this device to Azure Active Directory.
A screenshot showing the “Microsoft account – Set up a work or school account” pop-up, with “Join this device to Azure Active Directory” selected at the bottom. Sign in with the resource account credentials. Keep in mind that the resource account is added to the local machine and uses Administrator credentials. However, in Azure AD the user does not have any rights.
A screenshot of the “Make sure this is your organization” pop-up, showing “User type: Administrator” to confirm you are signed in with Administrator credentials. We used a user account for enrollment, so the device is mapped to the resource account, as we can see in the Primary user field. An image of the device “Overview” page in the Microsoft Endpoint Manager admin center, showing the “Primary user” field.
Typically, these types of devices are considered shared devices, so you should manually remove the primary user. Select Properties, and then select Remove primary user and select Save at the top of the page. A benefit of using a DEM account over a resource account is that the DEM account can only enroll devices and will not have any rights to access mailboxes, calendars etc.
An image of the device “Properties” page in the Microsoft Endpoint Manager admin center, showing the option to “Remove primary user”. An image of the warning message that you will get if you choose to remove the primary user: “Removing the primary user of a device configures it to operate in shared mode.
In this mode, users, including the previously assigned primary user, can no longer self-service this device in the Company Portal. Learn more [link]”. At this point, we have successfully enrolled Teams Rooms in Intune. Learn how your comment data is processed.
Click here to buy your copy of the book – Reimagine remote working with Microsoft Teams. Email Address:. I can be contacted through email sathish ezcloudinfo. It can be downloaded from this github website Then create installsync. Navigate to Intune — select all apps — Add new app type and select Windows app win 32 Now we need to select the app that we have created which is logitechprovisionstub.
In the next screen in add app section use the install command installsync. And after few times if the installation is successful we can see the below message. And the device installation status is also showing successful. When logging into the system could see that the Logitech services are installed and running. Share this:. Like this: Like Loading Evolvous March 2, at am Reply.
However when we have more number of devices that needs this installation and if they are present in different locations sharing the local admin passwords to the local support might also be a bit risky approach. Showing results for.
Teams meeting room devices can be enrolled and managed by Intune to provide many of the device management and security capabilities. This blog post can be your missing piece of the puzzle. Read along. Managing Microsoft Teams Rooms with Intune – Microsoft Tech Community. There are two methods for enrolling Teams Rooms Windows devices in Intune. Our recommended method is to use bulk enrollment, which allows.❿