Pfizer are attempting to disable it only for MTRs, with no need to roll back the CAPTCHA for all other external users.
As per https://help.webex.com/en-us/WBX90534/Attendee-is-Prompted-for-CAPTCHA-While-Joining-the-Meeting CAPTCHA is expected in various scenarios specially when an external user is joining meeting. Control Hub only has this option 'Show CAPTCHA when attendees enter a host's Personal Room'.
Have PFIZER (Premium Customer) with this exact behavior. Which is expected cause per customer explanation:
1. How the MSFT Rooms are invited? The rooms are invited through Outlook/Exchange. MSFT Room reads it’s Exchange calendar which shows the upcoming meeting and, more importantly, the Webex context to allow the device to provide the OTJ button and Webex ball image. The Webex context is created via the WebEx add-in from my Outlook Ribbon when creating the invite.
2. How the MSFT Rooms join? Directly from the main display by pressing a Join button or using GUI/Software? Could be possible that someone of your team can record how the device
joins? By pressing the OTJ button. This had been working fine for many months up until the timeframe above/late 2021. One-Touch Join is paramount to this experience as it provides the most intuitive and consistent experience for our users w/out the complexity nor intimidation factor of additional ‘hoops’ to join the meeting.
3. Do the MSFT Rooms can dial to video address? If so, what’s the experience there? The Teams App experience does not support this ability. However, logging into the Windows 10 IOT environment on the MTR UC Engine, as I did with you to generate the logging info, would be possible as it provides a full Windows environment complete with the Edge browser.
The MSFT Rooms join through a WebClient and that I believe is why webex detects this request as a ThinClient. And per security Features, there is a backend toggle, which will add the verification STRING (Captcha) when a ThinCLient joins to a PMR or any meeting. The toggle has the intention to mitigate the fraudsters that with WebApp & BOTS join to webex meetings and disturbed the attendees. Forcing a verification string, the BOTS don’t know how to bypass it.
The intention of the enhancement is that in some way, the Joining Service could recognize the requests from MSFT Rooms and “bypass” the verification string.
The MSFT Rooms join through a WebClient and that I believe is why webex detects this request as a ThinClient. And per security Features, there is a backend toggle, which will add the verification STRING (Captcha) when a ThinCLient joins to a PMR or any meeting. The toggle has the intention to mitigate the fraudsters that with WebApp & BOTS join to webex meetings and disturbed the attendees. Forcing a verification string, the BOTS don’t know how to bypass it.
The intention of the enhancement is that in some way, the Joining Service could recognize the requests from MSFT Rooms and “bypass” the verification string.
Attachments Open full size