What is Modern Authentication (MA)?
Modern Authentication, also know as MA for short, is an umbrella term for a variety of authentication and authorization methods between a client and server and is based on Active Directory Authentication Library (ADAL) and the OAuth2 protocol.
It uses security tokens that can determine the scope of permissions for users and/or groups that can have a specific lifetime set on them and can also be revoked.
It also supports the use of multi-factor authentication (MFA) which is the combined use of passwords and one-time codes, something very common place when logging into your personal services such as banking and social media, amongst others.
Why do we need to be aware of MA?
Before MA, Microsoft employed Basic Authentication based on the OAuth protocol. This is now outdated and it will be disabled from October 2022, although the exact date is unknown at this time.
In the audio visual world, this most commonly relates to the connection to Microsoft Exchange servers for room booking and scheduling applications.
Once Basic Authentication is disabled, any devices that connect to Exchange will stop working and will no longer be able to schedule room bookings or pull scheduling information from Exchange, unless they can be updated to support MA.
What AMX devices are impacted?
Microsoft’s move to MA has a direct impact on the following AMX devices:
ACB-2107 – FG4221-07
ACB-2110 – FG4221-10
MD-702 – FG5969-55BL – When used in Acendo mode
MD-1002 – FG5969-49BL – When used in Acendo mode
RMS Enterprise software platform
What is the process to support MA?
AMX have undertaken extensive research with the above products to understand what is required to update to MA.
It has been determined that both the ACB and MD touch panels cannot be updated.
RMS has already been updated to support MA and will therefore continue to work with Exchange beyond October.
What are the next steps?
For RMS users, an update was provided in 2020 to allow support for MA. Users need to ensure they are running the latest version to allow for the continuation of room booking and scheduling with Exchange.
For users of ACB and MD panels in Acendo mode, there are 2 options available.
- Purchase new panels
- AMX are due to release a new line of touch panels that will support MA. Purchasing these panels will allow you to continue to have a direct connection to Exchange. A release date is not yet known but will not be before October.
- Use RMS
- As previously mentioned, RMS has been updated to support MA. With this, AMX plan to release a firmware update for ACB and MD panels that will allow them to connect to the RMS platform, instead of Exchange.
- RMS will act as a gateway between the panels and Exchange as it can use MA for the connection. A booking made on a panel is sent to RMS. It then takes this information and sends it to Exchange to book the room. When a booking is made in Exchange via Outlook, this information is sent to RMS, and this in turns then sends the information to the panel to display.
- ACB panels and Acendo mode on MD panels are designed to connect direct to Exchange, whereas traditional RMS systems using scheduling require the use of Netlinx processors and programming to function. With this change to use RMS as a gateway, there will be no requirement for processors or programming.
- It will however require the installation of RMS onto a server and require the installation to be licensed. Users will then be able to use the RMS Web UI to assign each ACB or MD panel to a ‘location’ (room). A guide on how to do this will be available here in the near future: Configuring ACB and MD panels to use RMS as a gateway to Exchange.
To discuss these options in more detail, please contact your Polar account manager and Polar Technical Support.