Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Microsoft Teams|Office 365

How to Identify Unsupported Teams Devices using Endpoint Manager

At the end of June Microsoft announced that they would retire Teams mobile support for Android 4.4 (KitKat) by September this year, which is just around the corner.

This in general is good, because if you use Intune to manage your devices today, then you should be planning to move to Android Enterprise management features that require Android 5.0 or higher – or ideally Android 6.0 and above.

However, moving to a newer version of Android isn’t straightforward because unlike Apple’s iOS, which has a clear-cut set of definitions for which devices will get OS updates, the decision to update an Android OS rests with various device manufacturers, and in many cases wireless carriers.

Devices affected by this change are smartphones and tablets that are typically at least five years old and include older devices such as the Samsung Galaxy S3. Most devices from around 2015 onward received updates to Android 5 (Lollipop) and Android 6 (Marshmallow); dedicated Teams phones are not affected by this change.

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

Finding older devices enrolled with Intune

If you enroll devices with Intune, then these will be straightforward to identify. The Intune Company Portal app has only supported Android 5.0 and higher since January 2020, therefore it’s unlikely you will have received any new enrolments since then – but devices with the app already installed can continue to enrol today.

To find these devices and export a list, visit the Microsoft Endpoint Manager Admin Center and navigate to Devices>Android Devices. You will see a list of all Android devices currently enrolled:

Image #1 Expand
Figure 1: Viewing Android 4.4 devices in the MEM portal (image credit: Steve Goodman)

If you need to filter the list of enrolled Android devices running the affected version, enter 4.4 into the Search by.. box in the UI. You can the use Export to gain a list of all enrolled devices.

Finding all older devices using Azure AD Sign-In logs

If you allow mobile devices to use Teams without Intune enrollment, or do not use Intune, then you will need to use a different method to discover devices running older versions of Android.

The Azure AD admin center provides the ability to review, filter and export sign-ins for the last month, which should give you a good indication of all older Android devices connected to your environment.

To find these devices, visit the Azure AD admin center and navigate to Sign-ins. Choose the time period you wish to filter by, then filter by Operating system starts with entering the value “Android 4” combined with Application starts with, using the value “Microsoft Teams”.

This will show a comprehensive list of all sign-ins to the Microsoft Teams application from Android 4.4 devices:

Image #2 Expand
Figure 2: Using Azure AD Sign-In logs to find Android 4.4 devices using Teams (image credit: Steve Goodman)

Because these are sign-in logs, you will see an element of duplication, which will make it harder to identify individual devices. Therefore, use the Download option to export a CSV report of the filtered sign-ins. You can then open this in Excel, and use the Remove Duplicates, using Username as the key to reduce this list to one line per user:

Image #3 Expand
Figure 3: Using Excel to provide a consolidated list of Android 4.4 Teams clients (image credit: Steve Goodman)

After identifying users affected, you will have several options. For BYOD (Bring your own device) scenarios, it is unlikely you will need to provide a replacement, but you will need to inform users that Teams is expected to cease working on their device.

For corporate-owned devices running older versions that you replace, it is worth ensuring any replacement devices you issue will continue to receive security updates as well as Android OS updates.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Technology Writer for Petri, focused on Microsoft Teams and UC news. A nine-time Microsoft MVP, author of several Exchange Server books and regular conference speaker, including at Microsoft conferences including Ignite, TechEd and Future Decoded. Steve has worked with Microsoft technology for over 20 years beginning and has been writing about Exchange and the earliest iterations of Office 365 since its inception. As Principal Technology Strategist at Content+Cloud, Steve helps customers plan their digital transformation journey and gets hands on with Microsoft Teams, Exchange and Identity projects.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: