Manualshelf

Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
611612613614615616617618619620
For more information on the Chromebook stable, beta and development channels, refer to this article:
https://support.google.com/chromebook/answer/1086915
Chromebook Supports Only “Created by Device Certificates
Chromebook includes a trusted platform module (TPM) for protection of cryptographic private keys, including
the private key for the TLS client certificate issued to the device by Onboard.
Because of this, Chromebook will always create its own private key. The Key Type option in Device
Provisioning Settings will be ignored by Chromebook devices, and will always default to created by device.
The key size is 1024 bits or 2048 bits, as specified in the Device Provisioning Settings.
If an unsupported selection is made in the Provisioning Settings form, the default used will be a 2048-bit private key.
A Separate Provisioning SSID is Required
Chromebook cannot be provisioned unless it is already online, in order to sync with the appropriate settings
from the Google Admin console.
To handle the initial configuration task, we recommend you follow these steps:
l Configure an Onboard provisioning SSID.
n Ensure that this SSID has an access-control list that allows the Chromebook to log in and sync with
Google Apps. For details on the contents of the ACL, refer to this article:
https://support.google.com/chrome/a/answer/3504942#sslinspection
n Use a captive portal on this SSID that redirects users to the Onboard device provisioning page.
n Note that this SSID can also be used to Onboard other devices that are supported by W-ClearPass
Onboard.
l Ensure that the Chromebook is enrolled.
n To manually enroll a brand-new Chromebook, press Ctrl+Alt+E before attempting to log in with any
domain credentials.
n Be aware that once a user has signed in to a device, you cannot enroll the device. The device must be
wiped in order to restart the enrollment process.
n For more details on enrolling a Chrome device, including details on automatic enrollment, refer to this
article: https://support.google.com/chrome/a/answer/1360534
l Sign in to the device using the credentials of an account in the Google Apps domain.
n Connect to the provisioning SSID using the Chrome setup wizard.
Do not save the credentials you used to connect to the provisioning SSID.
n The device will sync with the Admin console settings.
n This will also install the Onboard Chrome extension, if it is configured correctly in the Google Admin
console.
l Open the Chrome browser on the device.
n The captive portal will redirect you to the device provisioning page.
n Sign in with appropriate credentials.
Dell Networking W-ClearPass Guest 6.5.0 | User Guide Chromebook in Onboard | 619