Profiles serve many different purposes from letting you enforce rules and procedures to tailoring and preparing Chrome OS devices for how they are used with Workspace ONE UEM.

The individual settings you configure, such as restrictions and bookmarks, are called payloads. In most cases, Consider configuring one payload per profile, which means you have multiple profiles for the different settings you want to push to devices. For example, you can create a profile to restrict users from using incognito mode.

Important: When applying profiles across parent and child organization groups, the device accepts the latest profile pushed to the device not the most restrictive like other platforms. Do not apply the same payload in both a parent and child organization group to the same device.

Device Profiles

Device policies apply to Chrome OS devices regardless of any user logged into the device. Device polices are applied through Smart Groups.

Smart groups are customizable groups that determine which platforms, devices, and users receive an assigned application, book, compliance policy, device profile, or provision.

User Profiles

User policies for Chrome OS allow you to configure profile settings at the user level. The policies do not apply to users signed in as guest or with a Google Account outside of your organization (such as a personal Gmail account). You are able to view User Details by selecting the user icon under the Installed Status field.

User polices are applied through User Groups. User groups are sets of users into user groups which, like organization groups, act as filters for assigning profiles and applications.

Profiles

  • Profiles do not have an add version option. If the profile is edited and saved, the updated policy is sent to devices.
  • Profiles for Chrome OS are deployed using API calls, which are a different solution than is used with other platforms, in which the profile is sent directly to the Workspace ONE Intelligent Hub on the device. For Chrome OS devices, the UEM consolerelies on API responses to the Google Cloud to push new polices. The Console displays a green check mark to show that the policy has been updated to the Google cloud.
  • Profiles do not show a 'Publish Preview'. When you select Save & Publish, the profile takes effect immediately.
  • All user and device profile information, including certificates, are sent to to Google and stored by Google.
  • User profiles and Device profiles are independent in their settings.

Application Management

  • Chrome apps are pushed through profiles using the Application Control profile, not through Apps & Books.