Skip to main content
CallTower Solutions Center

Firmware Updates for Continued Sign in to Office 365 // SfB and Teams Certified IP Phones

Microsoft is requiring third-party applications to be given permission to access the various services within Office 365. Today all certified phones/devices use the same single Azure application ID, which is used as part of the process for signing into Office 365. Microsoft is moving to an authentication model, where each third-party party phone/device vendor will each have a unique vendor application ID. Each Vendor Enterprise Application ID needs approval by a tenant admin before the phones under said ID from the vendor in question will be able to sign into your tenant.

This means the approval must be completed before you move to these updated firmware versions.

For your reference, here is the Official Microsoft Article:  https://techcommunity.microsoft.com/t5/Skype-for-Business-Blog/OAuth-2-0-and-third-party-application-ID/ba-p/482876

We have found this to be the best source for additional information: https://tomtalks.blog/2019/04/all-skype-for-business-ip-phones-must-be-firmware-updated-by-july-1st-2019-to-continue-to-sign-into-office-365/

WHAT DO I NEED TO DO NOW?

Approval involves clicking a link provided by the vendor.

And accepting the following agreement:

clipboard_edfc5d6f69841b1e5036bd4c6b06a7fab.png

Below is information by Vendor and Approval URLs:

YEALINK

POLYCOM

CRESTRON (not supported by CallTower)

AUDIOCODES (not supported by CallTower)

 

PLEASE NOTE:  The current vendor approval URL for Yealink does not contain a redirect URI (Uniform Resource Identifier) so after the approval, it redirects to a default local-host URI which does not work. You can ignore this error and rest assured the approval worked by checking in your Azure Dashboard under Enterprise Applications, look for "Yealink - Skype for Business Certified Phone".

clipboard_e1d38c7244b6d2e9a91b94954270a0230.png

WHEN WILL CALLTOWER UPDATE SUPPORTED DEVICE FIRMWARE?  

We will be updating our Provisioning Servers during the July 19, 2019, scheduled Maintenance Window with the following versions of firmware to support these changes:

POLYCOM PHONES

Polycom has not yet included the OAuth changes in their firmware, however we are bringing the version to the current branch and getting the approval URL's out early so that when Polycom releases the fixes (~Q4 2019) we will able to push the latest version of firmware (Most likely 5.9.4 for VVX and 5.9.1 for Trio) with the lowest possible impact, due to the requirement to update BTOE from our previously supported version.

IMPORTANT NOTE IF YOU USE BTOE: Polycom VVX Phones will be updated to 5.9.3.2857 which will also require an updated BTOE version of 4.0.0.0, This updated version of BTOE should not be installed until AFTER the phone has been updated to 5.9.3.2857 or later. If you Update BTOE before the firmware BTOE will cease to function until after the phone is also updated. 

POLYCOM TRIO PHONES

Polycom Trio Phones will need to be updated to 5.9.0:

Polycom CX Series phones will most likely cease to function with Office 365 in January 2020.

YEALINK PHONES

Yealink Phones will be updated from the following links

This does not affect Yealink T5 Series phones with the Teams firmware loaded.

FAQ SECTION

Question: What happens if an upgrade to respective firmware is not performed?
Answer: Effective January 15, 2020, when users attempt to sign-in on devices that are not upgraded authentication with Office 365 will fail.

Question: What happens if device firmware is upgraded without going through the Consent URL?
Answer: Impacted users’ authentication will fail to sign-in; the tenant administrators are requested to perform the approval consent and retry the authentication.

Question: When should tenant administrators perform the consent?
Answer: Consent should be performed any time before upgrading the device firmware to avoid authentication failures.

Question: If a tenant Administrator performs consent from the provided URL prior to upgrading firmware, will users have any sign-in issues?
Answer: Users shall not have sign-in issues if tenant administrators perform acceptance on consent URL & then proceed with the device Firmware upgrade.

Question: Are Lync phone edition devices (CX Range) impacted by this change?
Answer: Lync phones are out of support and end of life and will fail to sign-in to Office 365 due to lack of support for TLS 1.2.