Hello @Midnite8 

welcome back tot he Poly community.

Tech Alert:

As of October 1st, 2022 Microsoft will remove Basic Authentication to Exchange Online. See  Basic Authentication Deprecation in Exchange Online September at Microsoft’s Tech Community site for additional details.

Optionally, you can file a one-time request to extend the timeframe to January 2023 as outlined in the section “Opting Out” of such announcement.

To eliminate any disruption in service Poly recommends to take IMMEDIATE action to review your OTD configuration, in case you do use basic authentication/auto-registration.

If your OTD tenant is already integrated using OAuth and your video devices have calendaring service configured to authenticate using OTD generated credentials, no action is required from you at this time.

However, if your OTD tenant still has video devices with calendaring service configured in auto-registration mode (where O365 credentials are configured directly in the calendar settings of the Poly video device while pointing the server address setting to otd.plcm.vc), Poly recommends you to take IMMEDIATE ACTION and change your authentication type from auto-registration to OTD generated credentials model prior to upcoming October 1st.

Detailed instructions on how to create a device, generate new device credentials and configure a Poly device can be found in our online documentation at  https://otd.plcm.vc/support/docs/devices/registering-a-device.

Failure to update the authorization type to OAuth and re-authorize the calendar integration will result in disruption of auto registration model for Poly endpoints to OTD which utilizes Basic Authorization at the time of deprecation.

It is recommended that any existing OTD configuration using auto registration migrate over to the service account or application identity models before the October 1st deadline set by Microsoft. 

It is highly recommended to no longer use automatic registration in any new deployments.  Any organization setting up the OTD service with Exchange Online for the first time now should use the application identity model outlined in our online documentation at https://otd.plcm.vc/support/docs/calendars/office365-connect-as-application.

If you have any questions, please contact Poly Global Support Services.

Best Regards

Steffen Baier

Hi, that's the article I've been reading but are you saying if we use OTD generated creds we don't need enable Oauth? Whats the purpose for adding that functionalty in 6.2.2.7 onward? 

Hello @Midnite8 ,

it is for direct registration to Exchange

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

A little side track but for the Trio series, if we follow the steps to upgrade to above version 5.9.1 AND set feature.exchange.allowBasicAuth="0", this should also disable Basic Auth, correct? We use the Sfb profile and do not use OTD for Trio series(only generic profile works with OTD).

Some of my Trio devices are still being flagged as using EWS to authenticate to Exchange Online that I've already updated since July. I'm a little confused on what the actual method is to check whether the device is authenticating with modern auth or not.

I've used this method in this post: https://community.poly.com/t5/Microsoft-UC-Platforms/How-to-check-if-Trio-8800-connects-successfully...

Trio Event 2 logs for the mentioned entries and found these pattern:

 

0303065436|auth |2|00|prepareOAuth2TokenRefreshReqBody: ClientID:a850aaae-d5a5-4e82-877c-ce54ff916282

And found this article but it was not as clear.

https://support.poly.com/support/s/article/knova-46805-how-to-check-if-a-trio-phone-is-negotiating-m...

Hello @Midnite8 ,

simply download the additional file which disables photo integration as this is what is being flagged up.

I try and add the info to the article

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Thanks, I saw you updated the article. Back to the GS 500, I guess I am not understanding how OTD generated creds translate to using Modern Authentication. I looked at the sign-in logs of a GS 500 that I updated and registered to OTD but still see it authenticate to Exchange Online with Exchange Web Services, which is under the category of Legacy Authentication Apps.

Hello @Midnite8 ,

I suggest you raise a support ticket if nobody else responds

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier