Skip to main content

Managed Android Apps on ChromeOS on an Edu G Suite Domain

Android Apps via the Play Store have been available on consumer accounts for some time on selected devices. We have 1:1 Acer R11's and have recently had the opportunity to trial them on G Suite Edu accounts.

From the point of view of the end user, they see the Play Store App appear on the shelf and have to agree to the terms and conditions. After that, force installed and pinned apps are immediately installed and they get access to the Google for Work Store. This only contains apps you have approved for that user.

For the administrator the steps are:

  • Enable Play Store Apps for the domain
  • Enable access to the Play Store for specific Sub-OUs or users
  • Add apps to Play for Work
  • Set permissions for each app - can install, force install or pin to shelf. This can be done differently for each app and each OU and is therefore very granular. 

Issues so far

  • Apps take a while to appear in the Play Store for users. Initially only force installed apps appear.
  • You cannot set the permissions of multiple apps in one go - one at a time at the moment.

Video of the management and end user view:


Comments

Popular posts from this blog

Delete a specific email using GAM

If a user send an inappropriate email to a loads of people or get stung by some sort of email exploit you can quickly delete the email from all of the recipients using a GAM command. Step 1 - get the email header Go into Google Vault and search for the offending user or someone known to have got the message. Click show details and grab the email ID. This will be a long string of characters followed by @mail.gmail.com Step 2 - find out who has the email Go into Google Vault and find the original message sent by the offending user. Look at the details to see who got it. Copy the list and dump it into a spreadsheet. Clean up to just a list of emails with a column header 'mail'. Save as a csv file. Step 3 - delete messages with GAM Put your CSV file in your GAM folder - this e.g. assumes its called mail.csv Run: gam csv mail.csv gam user ~mail delete messages query rfc822msgid: MESSAGEIDHERE doit The alternative nuke option is: gam all users delete messages query rf...

My favorite GAM commands - well a few of them at least!

Where would be without GAM? Paying for expensive syncing tools or doing tedious manual tasks in the admin console. GAM can automate most things you might want to do in G Suite. So these are a few of my favourite commands - one I use either as part of a batch file - or just standalone. There are loads more - but these are ones that are used daily. Classroom Create a spreadsheet of all your domains classes -  gam print courses todrive Create a spreadsheet of a teacher's classes:  gam print courses teacher fred@mydomain.com todrive Bulk create classes: gam csv classes.csv gam create course alias ~alias name ~alias section ~subject teacher ~teacher status ACTIVE where classes.csv is a list of classes you want to make. Add teachers: gam csv teachers.csv gam course ~alias add teacher ~teacher Add students: gam csv students.csv gam course ~alias add teacher ~student Sync Students (in this example to a group - but could be an ou/csv file) gam csv grou...

How to beat ChromeOS EOL and carry on getting updates

ChromeOS devices are great in loads of ways, but they have built-in obsolescence. Google will stop providing updates at a predetermined time according to the schedule you can find here . So the best you will achieve is 6.5 year if you buy the device on the launch day . In reality, it will be generally much less. It's something to watch as a good deal might not be such a good deal if the device only has two years left. Once a device reaches its "due" date, you get a red pop up telling you its time to update every time you log in. The update section tells you there are no more updates. Now the device will work fine - for a while. You might get another 6 months use out of it before core services like Gmail stop working. However, if you are prepared to do a little work, you can install the OS of your choice onto the device and carry on using the device and not accept this. If you want ChromeOS, then you can install Cloudready from Neverware. I'll outline the basic steps...