With additional scrutiny over cloud-hosted meeting providers such as Microsoft Teams of late, now is an important time for you to understand what the different roles within a meeting are, what each of those roles allows someone to do, and how can you change the role assignments.
So you’re attending a meeting and want to know what you can do with the user role permissions that you have? Maybe you are setting up a meeting of your own and are worried about other people being able to steal the stage or take over your meeting; especially important for teachers using Microsoft Teams to present to classes.
Understanding the meeting defaults
In Microsoft Teams, everyone by default is given the Presenter permission. Right now, there isn’t an option to configure this via the Teams Admin Center globally or with a per-user scoped policy.
What this default setting means is that when you create a meeting and send out that invite, everyone that receives the invite will be able to present. What’s important to note is what that Presenter role grants.
What is the Presenter meeting role?
You can look at the table at https://support.microsoft.com/en-us/office/roles-in-a-teams-meeting-c16fa7d0-1666-4dde-8686-0a0bfe16e019 which lists the permissions granted to each of the user roles but simply put, a Presenter has exactly the same permissions as the Organiser. Some of these include:
- Admitting people waiting in the lobby
- Mute other participants
- Remove participants from the meeting
- Start and stop the meeting recording
- Change the roles of other participants
- Share their own screen or content
The all presenter danger
It’s clear to see from the list above that with the default permissions granted to the Presenter user roles that there is a potential issue. If you are holding staff internal meetings this may not be a problem but as soon as you introduce external third-parties into the meeting or a teacher-student situation that there is a problem.
In the default configuration it is possible for students joining a meeting to actually evict the teacher from their own meeting. It is also possible for external users to admit other people into a meeting from the lobby.
Changing user roles assigned in a meeting
With everything we’ve shown above, we think that it’s clear that there are absolutely situations where these defaults are problematic and will need to be changed.
Changing the user roles assignment in the Microsoft Teams Admin Center
Let’s cover this one first as this is really important. Right now there is no setting that we can configure globally via the Microsoft Teams Admin Center to change the default assignment of the user roles in Microsoft Teams.
We really hope that this is addressed by the Product Group for Microsoft Teams soon to allow us to configure this globally so that, at minimum, external meeting participants are set to attendees by default. For the meantime, however, this requires user education and self-service.
Microsoft has already reported that this is being worked on as part of the Microsoft 365 Roadmap under https://www.microsoft.com/en-gb/microsoft-365/roadmap?featureid=63206, however, the status right now is in development with a target of May 2020 (anytime now in theory).
Changing the user roles assignment before a meeting starts
As a user that has created a meeting invitation, the organiser, I have the ability to set the meeting user roles that are assigned. I can either do this prior to the meeting (the safest option) or during the meeting (the less-safe option).
It’s important to note that this has to be done after the meeting invitation has been sent. You cannot pre-stage these settings before sending the invite.
Once the invite is sent you can head into the meeting via the calendar and select the Meeting options link just below the meeting name at the top. I’ve made a personal habit of immediately after sending out the invite, jumping back in to change the Meeting options.
Once you’re on the Meeting options page you’ll that there are a few options as shown below.
The first option, who can bypass lobby, determines who gets directly into the meeting verses who has to be admitted manually. This setting can be controlled by an admin and recently, Microsoft has changed the default setting for this as per the Microsoft 365 Roadmap at https://www.microsoft.com/en-gb/microsoft-365/roadmap?filters=&filters=&searchterms=63388.
The last option and the one we’ve come for allows us to change who is assigned the Presenter user role by default. Click the drop-down and change the setting from Everyone to your desired setting. You can pick from the following options.
- People in my organisation
- Specific people (which then allows you to pick the people)
- Only me
For meetings occurring internally within a company the default setting of Everyone is probably just fine. If you are adding external users to a meeting then the setting People in my organisation may be okay but you might want to restrict it further to specific people.
For teachers using Microsoft Teams to present classrooms and learning to a large group of students, the Only me option may be the best choice.
Changing the user roles assignment during a meeting
If you are already in the meeting and you want to be able to change the permissions assigned to a user, bring up the Participants list for the meeting. Simply right-click on the participant that you want to promote or demote and select the appropriate option such as Make an attendee or Make a presenter.
This is the same place to go if you want to remotely mute a participant or even evict them from the meeting.
Clarification on the People in my organisation permission group
All is not as it may seem with this setting. Please, refer to the sister article that we’ve published alongside this article, Understanding the People in my organisation permission in Microsoft Teams for more information.
Microsoft Teams policies and governance
Rolling out the client and letting users work with Microsoft Teams is only part of the story. Ensuring that you have appropriately configured settings in the Microsoft Teams Admin Center and elsewhere in the Microsoft 365 security stack to cover policy, governance, and security is a requirement too.
At Arcible, we can help you map your business and end-user requirements to policies and governance strategies to allow your users to work and collaborate but to also ensure that your organisation and the data it owns stays safe. Contact us if you would like to find out more or help with managing your Microsoft Teams deployment.