White Glove Tutorials

One of our goals at Trafera is to make deploying Chromebooks as easy and frustration-free as possible. To help with enrollment, we will need limited access to your Google Domain during white glove setup

These guides will help you through the process of creating a restricted admin account and enrollment-only user account for our use. If you need additional help or have any questions, we’re here for you.

Feel free to contact our support team at:
support@trafera.com or call toll-free 1-855-862-5120.

Creating the Organizational Unit (OU)

Go to https://admin.google.com and log in with a Super Admin account

1. Select Organizational Units from the Directory
2. Click Create Organizational Unit
3. Name the OU
   • We recommend something identifiable like "TFenroll"
   • You can add a description (not required)
   • The Parent Organizational Unit is defaulted to the primary domain (ex. @trafera.com)
4. Click Create

Creating a Trafera User

Go to https://admin.google.com and log in with a Super Admin account

1. Select Users from the Directory
2. Click Add new user
3. Name the user
   • We recommend something identifiable like "trafera.enroll"
4. Click Manage user's password, organizational unit, and profile photo
5. Ensure the user is moved to the OU you created in the previous section
6. Click Add new user

Generating Backup Code for Trafera User

Go to https://admin.google.com and log in with a Super Admin account

1. Search for the newly created user in the Admin Console search bar and click on the name to go into the user card.
2. At the top, select the Security section.
3. Navigate to the 2-step verification section and click the pencil icon to edit.
4. Click Generate New Codes.
5. Copy one of the codes and send it to Trafera when providing login information.

Turn on 2FA but don't enforce

Go to https://admin.google.com and log in with a Super Admin account

1. Select 2-step verification from Security > Authentication
2. Select the OU previously created
3. Check the box to Allow users to turn on 2-Step Verification
4. Select the Off bubble under Enforcement
5. Click Override to save the changes

White list the Trafera ChromeOS Utilties:

1. Log in to your organization’s admin console at https://admin.google.com
2. Under the left menu - Security > Access and Data control >  API controls
3. Under the center App access control select Manage Third-party App Access
4. Select Configure New App
5. Paste the value in the search box and click search
   1. 663732795308-3mk4rqg25ud0nme3p177ghtdhcnq1o9a.apps.googleusercontent.com
6. In the results, click Trafera Chromebook Mover or Trafera ChromeOS Utilities
7. For scope, click Select org units find the OU that our Trafera user account is located in, select that, and select continue
8. Access to Google Data, select Limited, select continue
9. Click finish 
10. Confirm the parental consent for that OU

Verify Drive and Docs Service is on for our OU:

1. Log in to your organization’s admin console at https://admin.google.com
2. Under the left menu - Apps > Google Workspace > Drive and Docs
3. Under Service Status, verify it is on for the OU our account is in

Create a new Admin Role

1. As a super admin, go to https://admin.google.com
2. Left menu, go to Account > Admin Roles
3. Click Create new role
4. Name the role Trafera's Chromebook Utilitiesclick Continue
5. Select the following privileges
   1. Organizational Units > Read
   2. Manage ChromeOS Devices
6. Click Continue
7. Click Create Role

Add Trafera's user account to the newly created role

1. Find the role and click it
2. Click Admins
3. Click Assign members
4. Add Trafera's user account here
5. Click Assign role

Customer ZTE Enrollment

Customer Manual Enrollment