Using File Screening with Teams Installer

At the school I am currently working at we use File Screening in the user data areas to prevent download and storage of executables and crypto files. Over the last week as staff and students have returned this has caused some issues when it comes to Teams and how it updates itself.

Our usual method of software deployment is via Group Policy software installation. As Teams installs in each user’s AppData we deploy the Teams machine wide MSI. Most of the time Teams then silently updates without issue however occasionally it prompts the user to download the full Teams installer .exe in order to update.

This creates issues as we block all .exe files in the screen template. However there is a simple solution, you are able to create an exception within the template.

Open up File Server Resource Manager -> File Screen Templates -> Edit Template Properties. Select Executable Files and then Edit. Under Files to exclude add

Teams_windows_*.exe

The asterisk means if the user ends up with multiple installers (Teams_windows_x64 (1).exe for example) due to switching machines etc. it won’t get blocked.

Related to this one of our team has written a great article for our help desk on how the end users can update Teams.