Are you working with Insider Builds❓
Participate in our survey and get to know the new UI 👉 here 👈.
TeamViewer Design Change Request
So yet again we have more issues. Since TeamViewer is designed in the way that it is we now have discovered an oversight in it’s design and thus it’s design in broken in proof of concept.
Deploying TeamViewer is very device centric, opposite of where most other software companies are going. This being user centric. Since TeamViewer is applying policies based on devices and not users it become very difficult to manage user behavior from one device to another. This brings deploying TeamViewer in a cloud environment, such as Office 365/Azure AD using a variety of MDM tools, in our case Intune, is a disaster. I can see how this would translates into a Active Directory environment as well.
Intune can deploy based on devices or users, but when you need to know who gets the Host or Full version this is nearly impossible at best when deploying to devices. If a user changes device how can we ensure they get the correct version of TeamViewer? This generates a lot of overhead in management.
Ok so deploy the full version of TeamViewer and forget the Host version. Sounds like this would solve the issue. Afraid not! Since the Full version is deployed in such a way that it requires not only that the user click “Allow and finish” but there is nothing preventing them from signing in using their own personal TeamViewer account and connecting to other computers outside of the company. You still have way to many holes that are easily circumvented by amateurs.
TeamViewer seriously needs to reconsider their approach on how that design and allow people to deploy TeamViewer. You are making this far more difficult than it needs to be. A simple MSI complied from our account for our account only and user based policies.
I would hate to say get your head out of the clouds as this be the opposite of my suggestion. We live in a world of “Stranger Things”, so get your head out of the “upside down”.
Suggestions for a cloud first world:
1. Single installer that is complied from out TeamViewer account that includes all the IDs and/or tokens required to assign that installer to our account. Preferably an MSI so that it can be deployed with Intune.
2. Policies should be based on users. Thus the TeamViewer that is installed, this being the Full version, would get the policies set forth for the user that logs into the TeamViewer software. This would control what function would be available based on that user’s policy
3. Suggestion #2 would provide better control as to who can access who’s device. (e.g. C-Level employee). If user is logged into more than one device a prompt would be presented to the initiator listing the current devices that the user is requesting support for.
4. Do away with the Host version as it is not needed.