If your organization needs multiple Chrome administrators, you can create administrator roles with Chrome OS privileges in the control panel. Administrator roles let you grant administrators access to settings they need while blocking access to settings they don't need.
With delegated administration in Chrome OS, you can grant users permissions specific to their roles, such as giving a teacher the ability to create new users and set passwords for students in his classroom, without giving him management access to all the devices in your school district. Likewise, with this feature, you can give a manager administrative access to configure the email settings of his direct reports, without giving him Super Admin permissions over your entire domain.
About Administrator Roles and Privileges
These settings give you more control of what other administrators in your organization can do. These settings can limit administrator access to specific Chrome OS tabs in the control panel, like the following:
|Setting||What permissions it gives to delegated administrators|
|Manage Device Shipments||READ access to Shipments.|
|Manage Devices||READ and WRITE access to Devices.|
|Manage User Settings||READ and WRITE access to User Settings for the organizational units for which the administrator has privileges.|
|Manage Application Settings||READ and WRITE access to the Apps and Extensions section of User Settings for the organizational units for which the delegated admin has privileges. This is a subcategory of User Settings, so all admins who can manage User Settings can also manage Application Settings.*|
|Manage Device Settings||READ and WRITE access to Device Settings for the organizational units for which the delegated admin has privileges.|
|Manage User and Device Networks||READ and WRITE access to Networks for the organizational units for which the delegated admin has privileges.|
*Use Manage Application Settings if you want to give a teacher the ability to preinstall and manage applications for his students without giving him access to all of the permissions under User Settings.
For more about delegated administration roles, see Administrator privilege details.
- If you haven’t already, create organizational units in Google Apps. These can be groupings such as schools and classrooms, or business subsidiaries and offices.
- Follow these instructions to grant administrator privileges to users in your organization.
Once you’ve assigned privileges, you can see which ones the user has been assigned, by clicking on her name in your Google Apps control panel. At the bottom of the Roles & Privileges tab, expand Resolved Privileges to see the privileges that user has.