Welcome to TeamViewer Tensor. This blog guides you through the essential steps to get started with TeamViewer Tensor and secure your environment for enterprise‑grade remote connectivity. It addresses the challenge of quickly and correctly getting enterprise‑grade remote access up and running and helping you avoid common setup pitfalls.
Designed for you, our new TeamViewer Tensor admins, we’ll guide you through six key actions to help you establish a strong foundation and see immediate value from your Tensor deployment.
1. Activate your TeamViewer Tensor license
Your Tensor journey begins with license activation. This unlocks all enterprise features and ensures your admin account has the right permissions right from the start.
Get started:
Activate your Tensor license
Once activated, you’re ready to start configuring your environment.
2. Create user groups or use automated provisioning via SCIM connectors
User groups and roles in TeamViewer Tensor help IT teams assign the right permissions to the right people, securely and efficiently.
Get started:
User groups
This becomes your foundation for scalable, consistent governance.
Optional:
With SCIM (System for Cross-domain Identity Management), it is possible to synchronize users and user groups from many different Identity Providers (IdP), such as Okta and Microsoft Entra ID (formerly Azure Active Directory), to TeamViewer.
Get started:
Microsoft Entra ID Integration - SCIM Configuration
Okta Integration - SCIM Configuration
With this in place, your user and group management is automated, consistent, and ready to scale.
3. Set up Single sign-on (SSO)
SSO is one of the most impactful early configurations you can make. It centralizes authentication, simplifies user onboarding, and strengthens your security posture.
Get started:
Single sign-on (SSO)
Rolling out SSO early ensures your users enjoy a seamless experience from day one.
4. Manage your devices
To organize your environment, use device groups to structure access, delegate management, and ensure users can only reach the devices they need.
Get started:
Create, edit and delete a device group
Apply manager permissions at group level
Share and manage access to devices in TeamViewer
This creates the foundation for TeamViewer policies and Conditional Access.
5. Build your first Conditional Access rules
Conditional Access is where Tensor’s enterprise‑grade security truly shines. These rules define who can connect to which devices, under what conditions, and with which restrictions.
Get started:
Get started with Conditional Access
Start with simple, high‑impact rules such as:
- Only IT admins can access production servers
- Support teams can connect only to end‑user devices
- External users require approval or restricted access
You can refine and expand your rule set as your environment grows.
6. Deploy your first Host
Now it’s time to scale. Deploying your first batch of Host modules ensures your devices are ready for secure, policy‑driven remote access.
Get started:
How to deploy TeamViewer within your environment
- Create your custom Host module
- Deploy via your preferred method (Intune, SCCM, Jamf, script‑based, etc.)
- Confirm devices appear in your device groups
- Apply your policy for consistent settings
Your Host modules are deployed, and your environment is officially operational.
Just the beginning and not the end
Put these best practices into action and continue building a secure, scalable remote access environment. To deepen your setup, explore the TeamViewer deployment and configuration guide.
Keep learning in our documentation, and try these features directly in your Tensor environment. Do you have any additional steps you'd like to share with us in the Community? Share your experience with us and let’s get started together!
Stay connected!
