The Teams AV Monitoring sensor is the only solution available for monitoring or detecting Audio Video Conferencing issues with Microsoft Teams and has special setup requirements that require consideration.
Ease of Use With Teams AV Bot
To make it easy for customers to utilize this network monitoring solution for Microsoft Teams, Exoprise leverages an Audio Video Bot that is invited into a synthetic test Teams conferencing session. Each sensor creates a conference and invites the Teams AV Bot which streams audio and video content so the CloudReady sensor can capture the real-time WebRTC statistics such as Jitter, Packet Loss, Frame Loss and more. In this way, network administrators can diagnose uptime, performance, and availability of the Microsoft Teams infrastructure, Internet and local LAN.
Teams AV Bot Permissions
To be able to invite the Teams AV Bot to a conference the Office 365 tenant must accept an OAuth Bot Registration. This is dictated by Microsoft and their Microsoft Graph communications SDK. The communications SDK is new and the permissions required by the Teams AV Bot were dictated by the communications SDK. Here are the following OAuth permissions that the Teams AV Bot requires:
|Calls.AccessMedia.All||Application||Access media streams in a call as an app||Yes|
|Calls.Initiate.All||Application||Initiate outgoing 1 to 1 calls from the app||Yes|
|Calls.InitiateGroupCall.All||Application||Initiate outgoing group calls from the app||Yes|
|Application||Join group calls and meetings as an app||Yes|
|Calls.JoinGroupCallAsGuest.All||Application||Join group calls and meetings as a guest||Yes|
|ChannelMessage.Read.All||Application||Read all channel messages||Yes|
|Application||Flag channel messages for violating policy||Yes|
|Application||Read all chat messages||Yes|
|Chat.UpdatePolicyViolation.All||Application||Flag chat messages for violating policy||Yes|
These permissions and what they control are part of the Microsoft Graph and Teams infrastructure. The CloudReady Teams AV sensor utilizes only a small portion of the Graph Communications SDK. More about how the Exoprise CloudReady Teams AV sensor operates can be read here:
Other Policy Requirements
- Meet Now
The Teams AV sensor utilizes Meet Now functionality to start a meeting (its not scheduled). So this policy must be enabled for the accounts that are configured to ensure successful setup. Once the meeting is established the Bot is explicitly invited into the meeting. That is the only functionality of the Teams AV Bot.
- External Access
The Exoprise Teams AV Bot is external to your tenant and organization so external access must be allowed in Teams for the account that is configured.
- Guest Access
The Exoprise Teams AV Bot is a guest so this must be allowed for the Bot to join the meeting.
These policy settings can be configured for the entire tenant or for subsets of users. There can be a large delay when these settings are configured and when they take affect within the tenant.