Managing Teams devices with MEM and Teams admin center

We’re now in 2020 and lots of has changed since Microsoft Ignite in November including a rebranding of endpoint management with Intune and Configuration Manager to Microsoft Endpoint Manager (MEM). Unifying the solutions under one brand is a major step to further unifying Microsoft endpoint management solutions.

You may be thinking, what happened to Intune and Configuration Manager? The good news is investments are continuing and even better news is where ever you’re at today with your Microsoft endpoint management solutions, Microsoft Endpoint Manager will meet you there. For example if you’re heavily invested in Configuration Manager, continue to utilize and and take advantage of the benefits of the cloud by cloud attaching Configuration Manger to the cloud (MEM Intune). Benefits include data sent from ConfigMgr to Intune for a single view of device information, Azure AD conditional access, and the ability to take action from Intune for ConfigMgr managed Windows client endpoints. Much more is on the way including user experience analytics, Autopilot updates, etc.

To learn about all the innovation and announcements for MEM, M365, and other Microsoft solutions please visit Microsoft Ignite and view sessions there: https://myignite.techcommunity.microsoft.com/sessions

I’ve been so busy the last couple months with travel, events, holidays, I have a backlog of blog posts I need to publish. As we start the new year I’ll start with managing Teams devices running Android with MEM and Teams admin center. As organizations move to Teams for communication and collaboration, Teams devices are also being deployed. As Teams devices are deployed, they naturally will need to be managed, that’s where Microsoft Endpoint Manager and the Teams admin center come in. To learn more about Teams devices please navigate to: https://products.office.com/en-us/microsoft-teams/across-devices

Let’s get started

For this post I utilize a Yealink T58A Teams device and enroll it with Microsoft Endpoint Manager. The setup process was extremely simple, however I’ll step through the process below.

Note: when these devices enroll they enroll under Device Admin not Android Enterprise (which isn’t supported at this time for Teams devices).

When the Yealink Teams device is powered on I’m presented with the sign in screen below.

Once I select Sign in I’m presented with the forms based sign-on from my IDP, in this case it’s Azure Active directory.

After I enter my password and sign in the MEM Company Portal processes joining the device to Azure AD and enrollment into MEM Intune as shown in the screenshots below:

Now that the registration and enrollment process is completed, I’m asked to select what type of account I’m utilizing, in this case I’m using a individual user account so I select “Personal”. If this were a shared device with a generic account I would have selected “Shared”.

With enrollment completed I’m now able to view settings, search the address book, and make calls.

Viewing Teams settings on the device

To access settings, tap settings then Company Portal. Here you can look at Teams version, report an issue, sign out, and access the Company Portal to view device compliance should there be compliance settings configured in MEM Intune.

Looks like my device is out of compliance and asking me to disable debugging, so I disabled debugging as suggested and am confirmed settings again.

Once the device is evaluated again against the MEM Intune compliance settings, my Teams device is now showing it’s compliant.

Microsoft Endpoint Manager admin console and Azure AD

Navigate to Azure AD and search for the device, my is shown below:

In Azure AD, selecting properties under the device show the following information:

In MEM admin center

Search for the device in MEM Intune, below you can see device info, including Android version, user name, as well as if the device is compliant or not.

Drilling down into the device settings we can see more details about the device.

Although we can see the Company Portal version on the device, as shown below, we can see the version in the console.

Microsoft Teams admin center

Next we need to navigate to the Teams admin center to manage the device settings, updates, etc. Do this by going to: https://admin.teams.microsoft.com/ then select Devices > Phones. Drilling down into the phone we see the following information about the Teams device.

It appears I need to update the Firmware and the Teams App and I can do this by selecting Update all and selecting items to be updated and either updating immediately or schedule the update to run at a later date and time.

Conclusion

That’s it for now, as you can see Teams devices provide a streamlined enrollment process by merely signing in. The processes reduces time to setup and rapid productivity for individuals who need communicate quickly.

Use a QR code to point users to the Intune Company Portal app for enrollment

Use a QR code to point users to the Intune Company Portal app for enrollment

Quick post here, ever wonder how you can create a QR code that points to the Intune Company Portal in the iOS app store (or any app store), and paste it in an email and send it to your end users? Well it’s super easy to do. Simply search online for a QR code generator. Example: https://www.bing.com/search?q=qr%20code%20generator

When I searched for a QR code generator, a result came up inline of my search results and I pasted the URL that points to the Intune Company Portal in the Apple app store and it generated the QR code below.

If you’re interested, here’s the raw data behind the QR code:

Even better, the Intune Company Portal has 4.5 stars, hey that’s awesome!  Ok shameless plug, however it’s really cool to have such a high rating.

Anyway, theoretically you can do this for any app in an app store, whether they’re Microsoft Office apps, 3rd party apps, one of your published apps, etc.

To save you time, I generated QR codes that point to the Intune Company Portal (or enrollment URL in MacOS case) for all the platforms supported by Microsoft Intune:

iOS                                 Android

        

Windows Store            MacOS

        

Note: MacOS points to https://portal.manage.microsoft.com

Here’s an example email I manually created. Create your own by copying a QR code and generating your own custom emails using your corporate email application such as Outlook.  Your users will love it!  Plus it streamlines their enrollment process.

Here an example of using the built-in camera in iOS to scan the QR code.  As you can see it took me directly to the Intune Company Portal app in the Apple app store.

Intune_iOS_QRCode

 

If you’re intersted, for coporate owned devices Intune supports NFC, QR, and Zero Touch for Android Enterprise already, for more information please visit: https://docs.microsoft.com/en-us/intune/android-enroll

That’s it, I hope you find this valuable when directing your end users to enroll their devices with Microsoft Intune.