Installing Theft Recovery

Avatar
By : Kirk
  • Updated
Follow

Theft Recovery

Theft Recovery is new and improved in Admin 2.0! This article will cover:

  • How to configure an OU for your missing or stolen devices,
  • Install the Theft Recovery app,
  • Authorize GoGuardian to sync with Google Admin Console
  • Sync your device information with Google Admin Console

Note for users of the "Classic View" version of Theft Recovery: Theft Recovery 2.0 requires a slightly different setup and the installation of a new kiosk app. Please follow this guide to ensure a successful migration. 

Step 1: Create a Theft Recovery OU for missing devices

A new, custom OU must be created with specific Device Settings in order to use Theft Recovery 2.0. When a device is placed into this OU using the Theft Recovery UI, Theft Recovery Mode will activate.

  1. Sign in to Google Admin Console
  2. Click Device Management
  3. Click Chrome Devices
  4. The sidebar on the left will contain your OU structure. Create a new sub-OU in the location of your choice. The name of this OU must contain the words "stolen devices." Your OU structure can contain multiple stolen devices OUs as long as they contain the words "stolen devices" and are configured appropriately.

    Note: If you have previously configured a stolen devices OU for the "Classic View" version of Theft Recovery, the existing OU can be reused, but make sure that your device settings match the configuration in Step 2 and the new Theft Recovery App is installed.

Step 2: Configure your Stolen Devices OU and Install the Kiosk App

Configure your stolen devices OU to launch the GoGuardian kiosk App. The App will record geolocation data and take screenshots as the device is used while Theft Recovery mode is active.

  1. Sign in to Google Admin Console
  2. Click Device Management
  3. Click Chrome Management
  4. Click Device Settings
  5. Select your newly created Stolen Devices OU from the sidebar to modify the OU's Device Settings.

    VERY IMPORTANT! Ensure that your Stolen Devices OU is selected on the OU sidebar before making these changes! 
    ***If you configure your domain level or any typical OU that contains your devices, it will put every device in that OU into Theft Recovery mode and generate a Theft Recovery session for every device in that OU! Please exercise caution***

    Protip: Use CTRL+F or COMMAND+F to easily find the settings

  6. Set Guest Mode to Do not allow guest mode
  7. Set Sign-In Restriction to Do not allow any user to sign-in
  8. Set Scheduled Reboot to 1
    Note: Once placed in the Theft Recovery OU, a device must be rebooted at least once to launch the App. This setting will force the device to reboot once per day. 
  9. Find Kiosk Apps and click the Manage Kiosk Applications link
  10. Click Specify a Custom App and add the App ID and URL to their respective fields
  11. Add the App ID alaoimaeafbgfglpffgcidfgbjnekifp
  12. Add the App URL https://clients2.google.com/service/update2/crx
  13. Click Add
  14. Verify that the app, titled Welcome, has been added to the right under Total to Install. 
    Note:     If the Classic View Theft Recovery App, titled Loading, is already installed, remove it from the Kiosk Apps list and replace it with the Welcome App. 
  15. Click Save to close the dialog box
  16. Under Auto Launch Kiosk App, Select the Welcome App from the drop-down menu
  17. Save the settings by clicking the Save button in the bottom right corner mceclip1.png

Step 3: Authorize GoGuardian to sync with Google Admin Console

This will authorize GoGuardian to sync with your Google Admin Console so we can track your stolen devices.

Required GSuite Privileges:

  1. Admin API Privileges:
    • Domain Management
    • Organizational Units
    • Users
  2. Admin Console Privileges
    • Chrome Management 

Configuration Walkthrough

  1. Sign in to GoGuardian and navigate to the Theft Recovery Dashboard
  2. Click the menu icon found in the top right corner of the Theft Recovery Dashboard
  3. Click Authorize With Google to open the authorization tool
  4. Click the green Authorize button when prompted
  5. Select your Google Admin Superuser account, if signed into multiple Google accounts
  6. Click the blue Allow button to complete the authorization process

Note: Your Google Admin Account must have the following permissions. 

  • Provision and delete users on your domain: View and modify details (e.g., name, address, and phone number) and metadata (e.g., login details) of users on your domain
  • View metadata (e.g., name and description) of organization units
  • View all your Chrome OS devices' metadata (e.g., mac address, model, and OS version) View and update a specific Chrome OS device's metadata

If you're unsure if your account has these permissions, please verify with Google. Otherwise, you may receive an authorization error.

Step 4: Sync Devices from Google Admin Console 

This will import all device information from Google Admin Console.

  1. Sign in to GoGuardian and navigate to the Theft Recovery Dashboard
  2. Click the menu icon found in the top right corner of the Theft Recovery Dashboard
  3. Click Sync Devices 
  4. Click the blue Sync button

Now that Theft Recovery 2.0 is configured, let's test it out!

Was this article helpful?
13 out of 15 found this helpful

Related articles

Comments

0 comments

Article is closed for comments.

Related articles

Can't find the answers you're looking for?

Our Support Team is here to help!

Team Members are available Monday - Friday
6:00 am - 5:00 pm PST
2:00 pm - 1:00 am GMT

Live Chat

Live chat hours

Monday - Friday
6:00 am - 5:00 pm PST
2:00 pm - 1:00 am GMT

Support Request

Contact us by creating a new support ticket.

Submit a Request

Voicemail

Leave us a voicemail and we’ll contact you within 24 business hours.

1 (888) 310-0410 ext 2