Number masking can be a requirement in many use-cases for any enterprise.
Let's take a basic walkthrough on creating this configuration and then testing it out.
For anything complex, there must always be a basic way of achieving the end-goal. Then a less basic method & finally a complex method to achieve the same.
First we'll discuss the basic methods (Teams Client & Teams Admin Center):
Teams Client: Settings > Calls, and then under Caller ID > select Hide my phone number and profile information for all calls
The silly thing here is when I checked the option, I couldn't save it. I tried to click outside & went back to Settings to confirm but my check-mark would disappear. Even did a sign-out/sign-in. But no effect.
This has been reported earlier as well. Maybe my client is acting funky today. Anyways there's a web reference for most of the stuff as always. (Reported Here)
This option would appear in your client only if the Global Org Wide Policy looks like this.
The "Override the caller ID policy" should be toggled ON. By default it is set to Off.
So don't get alarmed if you don't see it in your clients. As mentioned earlier, it could be a global configuration. Check with your Teams Administrator.
Teams Admin Center: Voice > Caller ID
Create a Policy.
Assign the Policy to the user(s).
The 3rd method is via PowerShell (Teams Module)
Creating Calling ID Policies via PowerShell
Finally the complex method, which is hardly complex in my opinion, i.e., creating the policies via PowerShell. But we will go a step ahead & test our results as well.
Masking Outbound Caller ID
Scenario: Teams > PSTN
Step 1: More of a review of the existing configuration. We run the Get-CsCallingLineIdentity cmdlet to confirm the existing policies in place.
At this point, I made a basic Outbound Call from Teams Client to My Cell #. I got the Teams assigned DID flashing on my cell phone as the CLI (Calling Line Identification).
Step 2: Configuration of a Anonymous Policy
New-CsCallingLineIdentity -Identity Anonymous -Description "anonymous policy" -CallingIDSubstitute Anonymous -EnableUserOverride $false
Assigned the policy to my account with the below cmdlet.
Grant-CsCallingLineIdentity -PolicyName Anonymous -Identity "username@contoso.com"
Confirmed that the policy got applied correctly.
Step 3: Make a test call to my cell #. I didn't have to Sign Out/Sign In on my Teams Client. I simply waited for 2-3 minutes and made a test. Apparently the client had sensed the changes.
As we can see below, the call drops at the client level. Not immediately though. There must have been some processing going on at the back.
I was expecting this. It is a common phenomenon for telephony providers to reject the call if the caller is "Anonymous" (From Header). Only valid activated DIDs over the trunks are allowed to progress.
We can validate this from the SIP INVITE seen in the OVOC (Audiococes One Voice Operation Center) Monitoring Dashboard. This is the INVITE coming from Microsoft side.
The reason of rejection is a 603 Decline from the PTT (Provider).
Termination Reason : Call Rejected.
Conclusion: The call never reached my cell #. Ouch. A bit disappointing. As we couldn't truly get an anonymous call to land on my cell due to limitations set by service provider.
Masking Inbound Caller ID
Let's see if we are able to achieve the reverse, for an incoming call.
Scenario: PSTN > Teams
But first you can see my struggles to assign the Global/Default CallingLineIdentity Policy to my account.
I could've directly applied the new policy, however I wanted to start afresh. Turns out $null helped me in going back to the defaults.
Okay, so first a pre-test to make sure my PSTN Caller ID flashes well on my Teams Client.
So that works. Now let's try changing that to Anonymous.
Step 1: Removed the earlier Policy (not necessary) + Creating a Policy for Inbound
New-CsCallingLineIdentity -Identity Anonymous -Description "Anonymous Policy" -CallingIDSubstitute Anonymous -EnableUserOverride $false -BlockIncomingPstnCallerID $true
Step 2: Assign the policy created above to my account with a "Grant-Cs..." cmdlet. & Make an Inbound Test Call.
Success! The Caller ID is indeed masked.
To finish up, we do a cleanup because no unused policies should be left behind (cover your tracks).
Only the Global policy remains.
References & Credits
Cover Photo Credit: Ilia Burdun | Dreamstime
Comments