Provisioning shared mobile devices (smartphones) with IP subnet detection
Account owners and admins can allow smartphones to be provisioned as common areas. This can be useful for various Zoom Phone or Push to Talk workflows using shared devices in frontline worker scenarios.
Provisioning of the common area on a smartphone can be accomplished using 2 methods:
- The original method uses activation codes, where the Zoom app can be activated/signed in using a code generated from the Zoom web portal. This method is beneficial for organizations that do not use a mobile device management system or prefer more granular control in activating the client. Learn more about managing Zoom mobile clients as common areas.
- The second provisioning method is using a combination of an enrollment token and matching the site network address. This method is beneficial for organizations that have a mobile device management solution and want to automate/streamline operations in scale. This method also enables true device sharing across multiple locations and simplifies replacement device management.
This article describes using the enrollment token method and matching the site IP network information.
Note: This feature must be enabled by Zoom.
Learn more about managing the Smartphone Clients tab and managing IP addresses for your sites under the Common area smartphones setting.
Requirements for provisioning shared mobile devices (smartphones) with enrollment token and IP subnet detection
- Either a Zoom Workplace license with Phone included, or a standalone Zoom Phone calling plan
- Account owner and admin privileges
- Multiple sites must be enabled
Note: This feature will not work without this setting. - Make sure you have already met the following requirements:
- Have an MDM application installed and deployed
- No overlap between the local IP subnets across stores
- Use IPv4 address
Notes:
- IPv6 is not supported.
- Each store should use a unique IPv4 subnet.
Understand automatic site assignment and common area selection
When a smartphone launches the Zoom client, it provides Zoom with the network information. Zoom will use this network information to query the Zoom Phone site for a match. If a match is found, the Zoom client will display the list of common area extensions available for that site. If a device is moved to another location, you can relaunch the Zoom app to refresh the list.
When the user is presented with the list of available common areas, they simply select one that best matches their job function. The solution allows the user to easily switch job functions at any time using the workflow built into the client.
The configuration requires the account owner or admin to:
- Create a Zoom enrollment token and update the Mobile Device Management (MDM) application to set this token for all Zoom Phone smartphone clients to use. Then, assign the network IP address information to the Zoom Phone sites.
- Additionally, account owners and admins can provision shared Android devices and customer-supplied network IP information to automatically determine site assignments.
How to provision shared mobile devices (smartphones) with IP subnet detection
1. Configure Phone System Management
The admin must create sites (and configure IP subnet ranges) for their stores, and add common area extensions under each store. You do not need to add smartphones to the Zoom Phone admin portal.
Complete the following actions:
- Create a site for each store.
- Add the site’s IP subnet range by adding private and public IP information.
If both are added to a site, both the private and public IP addresses will be verified, and provide an additional level of security. - Add common area extensions under each store.
| Smartphone | Common Area | Site | IP Subnet |
|---|
| Zebra Device 1 | Common Area A1 | Store A | 10.100.162.* (sample) |
| Zebra Device 2 | Common Area A2 | Store A |
| Zebra Device 3 | Common Area B1 | Store B | 10.100.163.* (sample) |
| Zebra Device 4 | Common Area B2 | Store B |
2. Configure Device Management
All smartphones across all stores use the same enrollment token, created in the Smartphone Client tab in Device Management. This token identifies the smartphone during enrollment and is used for common area binding, sign-in, and authentication. Learn more about managing the Smartphone Client tab.
The enrollment token can only be used for Zoom Phone Shared Mobile and can be used for both Android and iOS deployments.
Notes:
- Enrollment tokens have a default expiration of at least 12 months.
- It is important to update the expiration date of the enrollment token prior to the current expiration date. If the token date is not updated, then it could result in the Zoom clients being logged out.
- When the expiration date is updated, the enrollment token does not have to be reapplied. The client authentication will simply check against the date of the token.
Deploying Attributes via MDM
Admins must download the XML configuration file from the Zoom web portal and upload it to their MDM system. All smartphones will receive the following attributes:
<dict>
<key>SetEnrollToken4CloudMDM</key>
<string>{{enrollment_token}}</string>
<key>EnrollDeviceType</key>
<string>smartphone</string>
</dict>
Additional notes
- When a smartphone is moved to a different site, the Zoom app must be relaunched to update its IP-based site detection.
- The common area list refreshes each morning automatically or when the app is relaunched. For example, if a common area logs out on Monday evening, the phone will remain on the common-area list screen. The list refreshes the next morning automatically when the device is used.
- After logging in to a common area for the first time, users can switch to a different common area by logging out. This triggers the discovery process and redisplays the list of available common areas.
- Up to 100 common areas can be displayed.
- For performance and security reasons, the client displays a maximum of 100 common areas.