SOLVED

Teams Phone device refuse login with 1449/1.0.94.2021033002 firmware and ADFS

Steel Contributor

Has anybody been using ADFS with Teams noticed an issue with the last two firmware updates, when performing logins off-network?

 

I have a customer running Yealink MP56 phones and the latest firmware 122.15.0.36 running Teams App 1449/1.0.94.2021022403 or 1449/1.0.94.2021033002 can no longer login using either the device login code or typing user/pass. The login seems to get stuck in a loop between device registration and preparing the device.

 

I suspect this is partially to do with the ADFS configuration not using UPN for authentication, but this wasn't an issue prior to 1449/1.0.94.2021022403.

82 Replies
I'm having the same issue with a Yealink T55A. Once the update was completed, the phone will not receive a device code for provisioning.
Same issue here. Yealink MP54 and AudiocodesC450HD.
Are you able to open a support ticket with Microsoft? Can you send me the ticket number as a message you've opened it?
Don't know if this helps anyone, but I opened tickets with Microsoft Teams support, Azure support, and Yealink. So far, everyone is saying it's someone else's issue. This has been going on for about 9 days.
It would be helpful if you can send me a message with the Microsoft Teams ticket details. I am a PM in the team, and would like to see this ticket.
DM sent with ticket number. I did speak with a contact at Yealink yesterday and they suggested a possible issue with device count limits, but I realized this morning I'm trying to login to the same device I already have registered under the tenant so it shouldn't (in theory) be that.

Rolling back to an earlier firmware and Teams app from last year seems to resolve the issue. Upgrading again breaks it.
I sent the ticket information in a DM. The ticket with Azure was closed because it was a 'duplicate' ticket. Yealink also said it may be a problem with too many devices for the user, but only one is assigned and I have set my company limit to 20, so that should not be an issue. I am going to try to downgrade it today, similar to what jangliss did, to see if my problem is fixed.

@Jacob_B 

 

I am assuming you are using ADFS? Did Microsoft gather the ADFS logs from your failed attempts? I'm working on gathering those myself.

 

I've gone back and done additional testing and it doesn't appear to be limited to a particular vendor. I've tested with Poly CCX 400, CCX 500, and CCX 700, AudioCodes HD450, Yealink T56A, T58A, and MP56.  It's after deploying the February update which appears to be bundled with most of the latest firmwares from the vendors, things break.  Going to roll back a few firmware and do additional testing to verify.

If possible, could you send this ticket information to me as well? I am deploying an MP56 with the same firmware/Teams version, and the same problem.

Also, to confirm, are you seeing the "Oops, you can't access this right now." error when attempting to login?
I was not able to find any failed logins in any of the Microsoft cloud services, it's like the device is not connecting or seeing Microsoft at all. I checked my firewall to verify that no ports needed to access and run Teams are being blocked. Downgrading did not help, so no luck there. I sent a video of the issue to Microsoft today for them to view the problem that I am running into.
FYI - the phone is not saving the time settings when it's rebooted which may be part of the problem.
I originally opened this thinking it might have been ADFS related, but also seeing this across tenants not using ADFS. This seems like a big issue!
We are having the same issue with Poly C60 conference room phones once updated to firmware 7.0.2.1071. This firmware comes with Teams App 1449/1.0.94.2021022403 and we get the same login loop. I've tried updating to Teams App 1449/1.0.94.2021033002 but problem persists. I have tried both the original web login method as well as the new remote provision/login method and both result in the same login loop.

If I roll the firmware back to 5.9.5.3153 and Teams App 1449/1.0.94.2020121001, I can web login the phone again without issue. I can then fully upgrade the phone's firmware and Teams App version to latest and the phone will stay logged in. However, if I log it out, I can't log it back in as it gets stuck in the same loop.
The biggest issue of all is that there's no way to stop these phones from automatically getting the update eventually! Deferring for 90 days is the best we can do and that's a very manual process to have to set each and every phone as they come in. Imagine how rough it's going to be when you have hundreds of phones!
Has anyone found a real solution to this issue? I am about to start rolling back firmware but was hoping someone has an answer.
I've not heard anything back on our open Microsoft support ticket but the more people that open tickets, the more visibility this is going to get for quicker resolution.
I'd definitely agree. Open tickets if you haven't already. I've not heard anything from support on my ticket other than "sorry for the delay, we're waiting to hear back from engineering".
1 best response

Accepted Solutions
best response confirmed by ThereseSolimeno (Microsoft)
Solution

So I have a small update from Microsoft on this, and it's more of a temporary fix from what I understand.

 

  1. Login to https://endpoint.microsoft.com/#blade/Microsoft_Intune_DeviceSettings/DevicesEnrollmentMenu/enrollme...
  2. Create a new Device Type Restriction
  3. Give it a name
  4. On "Platform Settings" change "Android Enterprise (work profile)" to BLOCK
  5. Make sure "Android Device Administration" is set to ALLOW
  6. Click Next
  7. Click Next
  8. Under Assignments click Add Group and select the group of users that are signing into devices.
  9. Click through to finish the setup

 

Wait a few minutes, and reboot the phone, login again.

 

I'm still trying to find out how to resolve the issue correctly, but this seems to have helped most of the cases I've had issues with so far.

View solution in original post