How to Remotely Assist End Users on Intune Managed Devices
Overview
Several tools can be used to give users remote support (such as Teams, Quick Assist or Remote Help), and depending on the tool, different UAC settings might be required. Currently, Teams and Quick Assist do not support UIAccess, which means they cannot bypass secure desktop prompts; Remote Help, on the other hand, can.
Things you should know
When using Microsoft Teams or Quick Assist, the policy User Account Control: Behavior of the elevation prompt for standard users needs to be set to Prompt for credentials, which is the less secure method.
When using Remote Help, the policy User Account Control: Behavior of the elevation prompt for standard users can be set to Prompt for credentials on the secure desktop, since the app can bypass the secure desktop prompt, and only during the remote session.
If no remote support is required, the policy User Account Control: Behavior of the elevation prompt for standard users needs to be set to Automatically deny elevation requests, as per the CIS recommendation.
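An added example (not from the article or from Microsoft) that reads the registry values backing this policy on the local device and reports which of the tools above can handle a standard user's elevation prompt. The registry value names and the codes 0, 1 and 3 come from Microsoft's UAC policy documentation rather than this page, and the function name is hypothetical. It also checks the separate policy User Account Control: Switch to the secure desktop when prompting for elevation, which sends every prompt to the secure desktop when enabled.

```powershell
# Added example: audit the UAC settings that decide whether a remote helper
# can see and answer an elevation prompt in a standard user's session.
# Both local security policy and Intune-delivered policy end up in this key.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-RemoteSupportUacStatus {   # hypothetical helper name
    param([string]$Path = $UacKey)

    $p        = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    $behavior = $p.ConsentPromptBehaviorUser   # elevation prompt for standard users
    $secure   = $p.PromptOnSecureDesktop       # switch to secure desktop when prompting

    # Fallback when the value is missing or holds a code this script does not know.
    $setting = 'Not set or unrecognised value'
    $tools   = 'Unknown: check the policy assignment'

    if ($behavior -eq 0) {
        $setting = 'Automatically deny elevation requests'
        $tools   = 'None (elevation is denied for standard users)'
    }
    elseif ($behavior -eq 1) {
        $setting = 'Prompt for credentials on the secure desktop'
        $tools   = 'Remote Help'
    }
    elseif ($behavior -eq 3) {
        $setting = 'Prompt for credentials'
        if ($secure -eq 1) {
            # The secure desktop switch overrides the prompt behaviour setting.
            $tools = 'Remote Help (prompt is still moved to the secure desktop)'
        }
        else {
            $tools = 'Teams, Quick Assist, Remote Help'
        }
    }

    [pscustomobject]@{
        ConsentPromptBehaviorUser = $behavior
        PromptOnSecureDesktop     = $secure
        StandardUserPrompt        = $setting
        ToolsThatCanHandlePrompt  = $tools
    }
}

Get-RemoteSupportUacStatus | Format-List
```

Run it in a PowerShell session on the managed device; reading this key does not require elevation.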
Straight from Microsoft documentation
Microsoft covers the different tools that can be used to offer remote assistance on Intune managed devices:
Remotely assist mobile devices managed by Intune | Microsoft Docs
There are four options available for remotely administering devices managed by Microsoft Endpoint Manager:
- Microsoft Teams is the hub for teamwork where you can chat, meet, and collaborate no matter where you are.
- Quick Assist is a Windows 10 application that lets two people share a device over a remote connection.
- TeamViewer is a third-party program that you purchase separately. It provides a comprehensive set of remote access and support capabilities. The Intune and TeamViewer integration enables remote support using TeamViewer and the connector is managed directly in Intune.
- Remote help is in public preview for Microsoft Endpoint Manager. When installed on a user's device, your organization's users can provide remote assistance to other users within the same tenant, including between devices that are and aren't enrolled with Intune.
- Remote control is included in Microsoft Endpoint Configuration Manager. It's used to remotely administer, provide assistance, or view any workgroup computer and domain-joined computer.
Table: Remotely assist mobile devices managed by Microsoft Endpoint Manager (features, platforms, licensing)
Tools compared: Teams, Quick Assist, TeamViewer (Intune), Remote help (preview), Remote control (ConfigMgr)
Features compared:
- Remote view and control
- Chat
- File transfer
- Elevated admin access
- Unattended access **
- Simultaneous remote control
- Multi-user support
- Remote actions
- Over-the-internet support
- Audit reporting
- Support for all platforms (Windows, iOS, Android, macOS)
- Integrated with Windows 10 – no additional app required
- Requires device to be co-managed by Configuration Manager and Intune
- Requires additional licensing *
* Teams requires Microsoft 365 licensing. Use of TeamViewer and Intune requires licensing from both TeamViewer and Intune. Remote Control is a feature of Configuration Manager and requires Configuration Manager licensing.
** Unattended access can be initiated from the TeamViewer Management Console, but not from the Microsoft Endpoint Management admin center.