Expanding Teams Best Practice Configurations: 3 Scenarios to Elevate Call Quality and Reliability
We’re excited to announce the next phase of enhancements to the Best practice configurations dashboard in Teams admin center with three new scenarios that further empower administrators to optimize their tenant’s collaboration experience
Microsoft is removing the ability to dial 0 during a personal greeting in Teams Phone voicemail
An FYI for those of you using Teams Phone: We recently learned, due to customer complaints, that Microsoft is rolling out an update to the "voicemail bot" in Microsoft Teams Phone that takes personal voicemail messages. This new version of the bot has removed the ability for customers to press 0 to follow the configured opt-out (transfer) option for the mailbox (i.e. operator, call queue, etc). Pressing zero is ignored and does not interrupt the greeting. I'm specifically referring to setting VoicemailWithTransferOption with an associated TransferTarget. We see this as a customer service disaster that is not aligned with industry conventions or customer service best practice. We have pushed back strongly on Microsoft's decision making but they say that only a handful of customers have complained. This new bot is 70% rolled out to tenants as we speak. Microsoft customer support has associated our tenants to the "old bot" for the time being, but saying they are unsure how long they can maintain this as the rollout continues.
Client authentication EKU changes in public TLS certificate
Hi, Can someone clarify the upcoming change to remove the client authentication EKU and the conflicting information within MS docs for Teams Direct Routing certificates? As stated here from October 2025 there is an industry wide change to remove the client authentication EKU from issued TLS certificates: https://knowledge.digicert.com/alerts/sunsetting-client-authentication-eku-from-digicert-public-tls-certificates However, both server and client EKU's are required for mTLS and Microsoft states here that both server and client EKU's are required: https://learn.microsoft.com/en-us/microsoftteams/direct-routing-whats-new#sbc-certificates-eku-extensions-test Digicert are offering an X9 PKI that includes both server and client EKU's but it seems the signing CA is not trusted by Microsoft at this stage. What guidance are Microsoft offering with this upcoming change to ensure that customers are not affected when renewing their certificates?
New to teams: Are multiple outgoing sales lines possible?
Hey everyone! I am the sys admin of my small law firm, and we officially switch to Teams and Microsoft as a phone provider on September 15th. Currently we use 3cx as our PBX and Callcentric as our provider. Most everything is already set up, and waiting for the port. I already have a reception and incoming sales queue set up with a main auto attendant, basically cloning what we have now. We are noticing that our main phone line is being marked as spam when we call out, likely due to it being our main line and our sales dept is going gangbusters. It was suggested we buy multiple sales lines and switch the number our salesperson is dialing from every so often. What I am wondering is: If we purchase a handful of these numbers, is there an easy way to switch what the outgoing number of our salesperson/sales team/sales queue is showing on outgoing calls and is there a way to have incoming calls from each of those numbers funnel into our incoming sales queue, which is often populated with at least two people? For reference, we will no longer be using 3cx after the 15th so everything is under MS's roof. I also asked copilot hoping it would have some insight, but Im not entirely sure if it understood my situation. Any help is appreciated.
Since Aug 22nd we can't save any Side Panel tabs
Hello! Yesterday (Aug 22nd 2025) we got an update in our Teams Links that we normally share to start meetings. They were modified from this format: https://teams.microsoft.com/l/meetup-join/19%3ameeting_XXXXXXXXXXXXXXX%40thread.v2/0?context=%7b%22Tid%22%3a%22xxxxxxxxxxxx%22%2c%22Oid%22%3a%22xxxxxxxxxxxxxx%22%7d to https://teams.microsoft.com/meet/00000000000?p=XXXXXXXXX Sensitive values and ids have been redacted above and inside all the snippets in this post. This looks like a planned rollout, as specified here: https://mc.merill.net/message/MC772556 After this change, none of our apps are able to save a side panel into any of the meetings with the new link format. We had a couple of older, still available meetings whose link had the previous format, and we are able to save the side panel there, but no matter what we tried, nothing allowed us to solve this situation on our end. My final resort is this post in hopes of a solution to what we see. Each save operation yields a 500 on this call https://teams.microsoft.com/api/chatsvc/amer/v1/threads/19%3Ameeting_XXXXXXXXXXXXXXXXXX%40thread.v2/properties?name=tab%3A%3Axxxxxxxxxxxxxxxx { "errorCode": 500, "message": "{\"subCode\":\"TabOperationFailed\",\"details\":\"Initiator 8:orgid:xxxxxxxxxxxxxx failed perform tab operation\",\"errorCode\":1500,\"errorSubCode\":null}", "standardizedError": { "errorCode": 1500, "errorSubCode": 1, "errorDescription": "TabOperationFailed-Initiator 8:orgid:xxxxxxxxxxxxxx failed perform tab operation" } } I ended up trying to manually install it with graph api calls, which didn't work either and gave me a 502 curl -s -X POST "https://graph.microsoft.com/v1.0/chats/$CHAT_ID/tabs" \ -H "Authorization: Bearer $ACCESS_TOKEN" -H "Content-Type: application/json" \ -d '{ "displayName": "DisplayName", "email address removed for privacy reasons": "https://graph.microsoft.com/v1.0/appCatalogs/teamsApps/'"$TEAMS_APP_ID"'", "configuration": { "entityId": "entity-random", "contentUrl": "https://<domain>/?theme={theme}&locale={locale}", "websiteUrl": "https://<domain>/" } }' | jq . { "error": { "code": "BadGateway", "message": "Failed to execute backend request.", "innerError": { "date": "2025-08-22T03:36:08", "request-id": "b4bbade7-1ea2-46df-a1d9-92cdda9e360b", "client-request-id": "b4bbade7-1ea2-46df-a1d9-92cdda9e360b" } } } Then, thinking there was something wrong with my app, I used a MS app, same result curl -s -X POST "https://graph.microsoft.com/v1.0/chats/$CHAT_ID/tabs" \ -H "Authorization: Bearer $ACCESS_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "displayName": "Website - test", "email address removed for privacy reasons": "https://graph.microsoft.com/v1.0/appCatalogs/teamsApps/com.microsoft.teamspace.tab.web", "configuration": { "entityId": null, "contentUrl": "https://www.microsoft.com", "websiteUrl": "https://www.microsoft.com" } }' | jq . { "error": { "code": "BadGateway", "message": "Failed to execute backend request.", "innerError": { "date": "2025-08-22T04:02:36", "request-id": "ece5590e-f23f-4780-a4a6-20c1b2f0d0f3", "client-request-id": "ece5590e-f23f-4780-a4a6-20c1b2f0d0f3" } } } I then tested it against chats that do not belong to a meeting. Both apps succeeded curl -s -X POST "https://graph.microsoft.com/v1.0/chats/$REGULAR_CHAT_ID/tabs" \ -H "Authorization: Bearer $ACCESS_TOKEN" -H "Content-Type: application/json" \ -d '{ "displayName": "Website - test", "email address removed for privacy reasons": "https://graph.microsoft.com/v1.0/appCatalogs/teamsApps/com.microsoft.teamspace.tab.web", "configuration": { "entityId": null, "contentUrl": "https://www.microsoft.com", "websiteUrl": "https://www.microsoft.com" } }' | jq . { "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#chats('19%3xxxxxx_xxxxxxxxxxxx%40unq.gbl.spaces')/tabs/$entity", "id": "a0cca657-12d0-4df0-84d8-cc1f8fa7d3e6", "displayName": "Website - test", "webUrl": "https://teams.microsoft.com/l/chat/19%xxxxxxxxx_XXXXXXXXX%40unq.gbl.spaces/tab%3a%3xxxxxxxxxxxxxxxxxxxxxx?webUrl=https%3a%2f%2fwww.microsoft.com&label=Website+-+test&tenantId=xxxxxxxxxxxxxxxxxxx, "configuration": { "entityId": null, "contentUrl": "https://www.microsoft.com", "removeUrl": null, "websiteUrl": "https://www.microsoft.com" } } curl -s -X POST "https://graph.microsoft.com/v1.0/chats/$REGULAR_CHAT_ID/tabs" \ -H "Authorization: Bearer $ACCESS_TOKEN" -H "Content-Type: application/json" \ -d '{ "displayName": "redacted", "email address removed for privacy reasons": "https://graph.microsoft.com/v1.0/appCatalogs/teamsApps/'"$TEAMS_APP_ID"'", "configuration": { "entityId": "redacted", "contentUrl": "https://<domain>/?theme={theme}&locale={locale}", "websiteUrl": "https://<domain>/" } }' | jq . { "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#chats('19%3xxxxxxxxxxxxx_xxxxxxxxxxxxx%40unq.gbl.spaces')/tabs/$entity", "id": "xxxxxxxxxxxxxxxxxxxxxx", "displayName": "redacted", "webUrl": "https://teams.microsoft.com/l/entity/<redacted>/_djb2_msteams_prefix_000000000?webUrl=https%3a%2f%2f<domain>%2f&label=redacted+label&context=%7b%0d%0a++%22context%22%3a+%22chat%22%2c%0d%0a++%22chatId%22%3a+%2219%3axxxxxxx_xxxxxxxxx%40unq.gbl.spaces%22%2c%0d%0a++%22subEntityId%22%3a+null%0d%0a%7d&tenantId=xxxxxxxxxxxxxxxx", "configuration": { "entityId": "redacted", "contentUrl": "https://<domain>/?theme={theme}&locale={locale}", "removeUrl": null, "websiteUrl": "https://<domain>/" } } At this point we don't know what else to do, seems like a meeting specific issue that we are unable to solve. It's affecting our tenants in all environments, since our primary business flow relies on this panel. All the snippets contain real dates and request-ids, here's hoping it helps somehow. Help, and thanks in advance. ~A. del YerroRandomly getting opt-out / opt-in in a CallQueue
Dear All, Once again one of my customers is experiencing something no other words can describe but: magical. Set-up: CallQueue "CQ1" Call answering: "Team1" (with 8 people in it) Conference mode: on Routing: attendant and not precence-based Users can opt out of taking calls 2 out of the 8 persons in Team1 is experiencing that they are randomly getting opt-out or opt-in during the day. Already deleted the cache, re-installed teams (newest versions) but this unwanted magical thingy is still occurring multiple times a day. Anyone else having or had this symptoms? Can't figure out what to do next. Thanks for you thoughts and time! Benjamin
Team call handling - option to redirect calls if there is no answer
Dear Community To prevent calls from being dropped when the Teams client is offline, we have set the global calling policy 'Voicemail for inbound calls' to 'On' (AllowVoicemail: AlwaysEnabled in PowerShell CsTeamsCallingPolicy). With this setting enabled, incoming calls to users who are not logged in to a client are forwarded to their voicemail. Until recently (1-2 month?) users had the option to set the rule "When you can't answer a call" and "Ring for this many seconds before redirecting" in the Teams client. Now, only the 'Ring for this many seconds before redirecting' option is shown, and sometimes even that setting is unavailable. We cannot rule out an issue with the Teams client; however, resetting the app does not help at the moment. Reversing the entry on the calling policy 'Voicemail for inbound calls' to 'Let users decide' does solve the issue in the Teams client. However, depending on the user's configuration, calls may be dropped if the user is offline. According to Microsoft's documentation, this is an expected behaviour; however, the user should not be able to change the redirection time (fixed to thirty seconds). https://learn.microsoft.com/en-us/powershell/module/microsoftteams/set-csteamscallingpolicy -AllowVoicemail Enables inbound calls to be routed to voicemail. Valid options are: AlwaysEnabled: Calls are always forwarded to voicemail on unanswered after ringing for thirty seconds, regardless of the unanswered call forward setting for the user. AlwaysDisabled: Calls are never routed to voicemail, regardless of the call forward or unanswered settings for the user. Voicemail isn't available as a call forwarding or unanswered setting in Teams. UserOverride: Calls are forwarded to voicemail based on the call forwarding and/or unanswered settings for the user. What is the recommended policy setting for 'Voicemail for inbound calls' and how can we ensure that incoming calls are transferred to voicemail when the user is offline, while still enabling them to set 'When you can't answer a call'? Many thanks.Queues App - Has Monitor/Whisper/Barge/Takeover gone live yet?
Has anyone tenants queues app actually updated with Monitor/Whisper/Barge/Takeover yet? It was supposedly in GA a couple of months ago, but everyone I have asked have yet to see it yet. I have: - Confirmed the manager has Teams Premium and not just standard Teams Phone. - Verified Voice Applications Policy and includes the manager as an Authorized User. - Ensured the manager is using a supported Teams client (not web). - Checked for nesting issues with call queues or auto attendants lacking resource accounts. - Reviewed the number of queues assigned to the manager—too many can cause issues. Is it just the roll out has hit a bump?
