Configure accounts for Microsoft Teams Rooms
Read this topic to learn about Microsoft Teams Rooms and how it integrates with Exchange and Skype for Business.
This topic introduces how to create accounts used by Microsoft Teams Rooms in Microsoft Exchange and Skype for Business. Deployment instructions for Microsoft Teams Rooms devices is covered in Configure a Microsoft Teams Rooms console. Your infrastructure will likely fall into one of the following configurations:
Online deployment: Your organization's environment is deployed entirely on Microsoft 365 or Office 365. For more information, see Deploy Microsoft Teams Rooms with Microsoft 365 or Office 365.
On-premises deployment: Your organization has servers that it controls, where Active Directory, Exchange, and Skype for Business Server are hosted. For more information, see Deploy Microsoft Teams Rooms with Skype for Business Server
Hybrid deployments: Your organization has a mix of services, with some hosted on premises and some hosted online through Microsoft 365 or Office 365. With Microsoft Teams Rooms, the following hybrid scenarios are supported:
Exchange Online with Skype for Business Server on premises. For more information, see Deploy Microsoft Teams Rooms with Exchange Online (Hybrid).
Exchange on premises with Microsoft Teams or Skype for Business Online. For more information, see Deploy Microsoft Teams Rooms with Exchange on premises (Hybrid).
Which configuration you have will affect how you prepare for device setup.
Microsoft Teams Rooms needs to be assigned a "device account" in Active Directory, Exchange, and Skype for Business. The account is used to access its meeting calendar and establish Microsoft Teams or Skype for Business connectivity. People can book this account by scheduling a meeting with it. Microsoft Teams Rooms will be able to join that meeting and provide various features to the meeting attendees.
Without a device account, none of these features will work.
Every device account is unique to a single Microsoft Teams Rooms device, and requires some setup:
The device account must be configured correctly.
Your infrastructure must be configured to allow Microsoft Teams Rooms to validate the device account, and to reach the appropriate Microsoft services.
It is highly recommended that account creation be done well in advance of actual hardware installation. Ideally, account preparation is started two to three weeks before installation.
In hybrid environments the account used for Microsoft Teams Rooms must have password sync enabled in Azure Active Directory (AAD) Sync because Microsoft Teams Rooms authentication requires Microsoft 365 or Office 365 authentication. When setting up the account, make sure that the account's SIP address matches its User Principal Name (UPN) in AAD.
You can think of a device account as the resource account that people recognize as a conference room's or meeting space's account. When you want to schedule a meeting using that conference room, you invite the account to that meeting. In order to use Microsoft Teams Rooms most effectively, you do the same with the device account that's assigned to each one.
If you already have a resource mailbox account set up for the meeting space where you're installing Microsoft Teams Rooms, you can change that resource account into a device account. Once that's done, all you need to do is add the device account to a Microsoft Teams Rooms device. See device account setup examples provided below.
With additional configuration, remote management is possible using Microsoft Azure Monitor as described in Plan Microsoft Teams Rooms management with Azure Monitor, Deploy Microsoft Teams Rooms management with Azure Monitor, and Manage Microsoft Teams Rooms devices with Azure Monitor.
These properties represent the minimum configuration for a device account to work with Microsoft Teams Rooms. Your device account may require further setup.
|Exchange mailbox (Exchange 2013 SP1 or later, or Exchange Online)
||Enabling the account with an Exchange mailbox gives the device account the capability to receive and send both mail and meeting requests, and to display a meetings calendar on the Microsoft Teams Rooms device. The Microsoft Teams Rooms mailbox must be a room mailbox.
|Skype for Business is enabled
||Skype for Business must be enabled in order to use various conferencing features, like video calls, IM, and screen-sharing. Both Skype for Business Online and Skype for Business Server are supported.
||The device account must be enabled with a password, or it cannot authenticate with either Exchange or Skype for Business Server.
While the properties for the basic configuration will allow the device account to be set up in a simple environment, it is possible your environment has other restrictions on directory accounts that must be met in order for Microsoft Teams Rooms to successfully use the device account.
||Certificates may be required for both Exchange and Skype for Business Server. To deploy certificates, you can load them when logged in as Admin.
The easiest way to set up device accounts is to configure them using remote Windows PowerShell. Microsoft provides SkypeRoomProvisioningScript.ps1, a script that will help create new device accounts, or validate existing resource accounts you have in order to help you turn them into compatible Microsoft Teams Rooms device accounts.
If you prefer to use the Microsoft 365 or Office 365 UI over Windows PowerShell cmdlets, some steps can be performed manually. See Creating a device account using Microsoft 365 or Office 365.