Skip to main content

 

Cisco Meraki Documentation

Chrome OS Enrollment

Overview

Chrome OS enrollment allows Meraki Systems Manager to install apps, configuration profiles, and more to Chrome OS users & devices. The instructions in this guide cover the setup and enrollment of Chrome OS users & devices with your existing Meraki Systems Manager network and Google Admin console.

This article explains configuring the newest Chrome MDM framework with SM, which requires a licensed G Suite with Enterprise licensing. Google currently does not make this available to non-Enterprise account types. Here is an example of valid "G Suite Basic" licensing from the Google Admin Console: 

G Suite Basic

There is an older set of Google APIs which support both Google education and business customers with less functionality. Instructions for those configurations are covered in our Chrome OS Management in Systems Manager article.

Preparation

1.  Navigate in dashboard to Systems Manager > Manage > Add devices > Chrome OS > Try the new Chrome management!

Chrome_OS_Try_the_new_management.png

 

2. Navigate back to Systems Manager > Manage > Add devices > Chrome OS Note the ID and URLs listed here. We will need to add these into the Google Admin Console.  

URIs and Client ID

3.  Use the link provided to log in to your GSuite Admin Console, and from there navigate to Security > Access and data control > API controls > Domain wide delegation > Manage domain wide delegation

Chrome_OS_Manage_Domain_Wide_Delegation.png

 

4.  Click Add new. Copy your ID into the Client Name field and the API scopes as a comma-separated string into One or More API Scopes field, then click on Authorize to add these to your account. 

Chrome_OS_Client ID.png

     If successful, your page should look similar to the one below:

Chrome_OS_Client_ID_2.png

5. Navigate to Devices > Chrome > Settings > Device > Chrome management - partner access > Enable Chrome management - partner access 

 

Chrome management partner access.png

6. Click on the User & browser settings tab > Enable Chrome Management - Partner Access 

Chrome_OS_User_and_settings_Partner_Access.png
 

7. Optional: under Android application settings enable Enable Android applications to be managed through the Admin Console 

Screen Shot 2018-02-13 at 12.26.23 PM.png

For first-time enrollment, you MUST click the Android for Work box to view and acknowledge the terms of service before this check box is selectable

8. In Systems Manager Dashboard, fill in the requested information under Enrollment info and click Bind domain


Screen_Shot_2018-02-13_at_12.33.06_PM.png

9. When you are finished, you should be able to perform Android device and user syncs from Meraki Systems Manager Dashboard 

Client Device Enrollment

Chrome OS client devices can be enrolled on a device level by switching the device's initial login mode (by pressing Ctrl + Alt + E) to switch from the standard user account sign-in screen to enterprise enrollment sign in. This must be performed during the device's initial setup. From the enterprise enrollment login screen: log in to an account on the specified Google domain with permissions (enabled by default) to enroll devices. This will add the device to the existing Google admin console and allow Systems Manager to install apps & profiles on a device level. Additional instructions on how to enroll Chrome OS devices with the enterprise enrollment steps can be found in Google's Enroll ChromeOS devices documentation.

Note: You must enroll devices before anyone signs in to them. If you don’t, you need to wipe the device and restart enrollment. For details, see Wipe ChromeOS device data.

These client device enterprise enrollment steps are required to install apps & profiles on a device level basis. If devices are not enrolled with this enterprise enrollment option then Systems Manager can still install profiles & apps directly to the end user's Google account.

 

  • Was this article helpful?