Microsoft Teams Rooms: Switch to OAuth 2.0 by Oct 13 or your meetings won't work

Microsoft Teams Rooms update means admins will need to review authentication settings as soon as possible.
Written by Liam Tung, Contributing Writer

Microsoft has been rushing out new Microsoft Teams features to help 75 million people each day teleworking during the coronavirus pandemic. But one part of the Microsoft Teams portfolio that hasn't benefited from social distancing is Microsoft Teams Rooms, its conference-room product. 

Conference-room products might never be needed again at some companies, like Twitter and Square, which this week gave employees the option to continue working from home permanently even after offices reopen. 

The two companies, run by Twitter co-founder Jack Dorsey, aren't alone in that thinking. A recent survey by consultancy PwC found that 49% of chief financial officers intend to make remote work a permanent option for certain roles, presumably mostly office roles where conference rooms are most commonly used.

SEE: IT pro's roadmap to working remotely (free PDF)

While it seems there'd be no pressing need to update Teams Rooms right now, Microsoft has two justifications for its activity. 

"There are still organizations and industries whose essential workers continue to rely on these spaces during this time," said the Microsoft Teams group.

"We also recognize the vital role Microsoft Teams Rooms will play when organizations return to work." 

Microsoft has released the Microsoft Teams Rooms, app version, on the Microsoft Store and it will deliver new features to all Microsoft Teams Rooms over the next few weeks. 

The key update – in Microsoft Teams Rooms, app version – is support for modern authentication. This is related to recently announced upcoming changes affecting Exchange Online, which will remove 'Basic Authentication' as an option and affects Exchange clients like Microsoft Teams Rooms.  

Exchange Online currently uses Basic Authentication as the default, which means client apps send a username and password across the network with every request. 

While it is simple to set up, it exposes credentials to attackers capturing them on the network and using them on other devices. Basic Authentication is also an obstacle to adopting multi-factor authentication in Exchange Online, said Microsoft. 

Microsoft intends to turn off Basic Authentication in Exchange Online for Exchange ActiveSync (EAS), POP, IMAP and Remote PowerShell on October 13, 2020. It's encouraging customers to use the OAuth 2.0 token-based 'Modern Authentication'.      

After installing the Teams Room update, admins will be able to configure the product to use Modern Authentication to connect to Exchange, Teams, and Skype for Business services. This move reduces the need to send actual passwords over the network by using OAuth 2.0 tokens provided b Azure Active directory.

SEE: Remote working 101: Professional's guide to the tools of the trade (ZDNet)

While the change is optional until October 13, Microsoft suggests login problems could arise after the cut-off date for Microsoft Teams Rooms configured with basic authentication. 

"Modern authentication support for Microsoft Teams Rooms will help ensure business continuity for your devices connecting to Exchange Online," it said. 

But it will let customers choose when to switch to modern authentication until October 13. 

"In light of COVID-19, and to reduce potential impact for existing on-premises customers who may need time to plan and implement hybrid modern authentication, turning on modern authentication will be manual."

Editorial standards