DLP Agent shown in Critical or Warning status with alert 'Chrome|Edge extension not deployed'

book

Article ID: 212090

calendar_today

Updated On:

Products

Data Loss Prevention Data Loss Prevention Endpoint Prevent

Issue/Introduction

You observe agents shown in the Enforce Console in Critical or Warning status and the agent events contain a recent 'Chrome|Edge extension not deployed' event, such as shown below:

Cause

There are multiple reasons that this could occur:

  1. The extension failed to deploy due to LGPO corruption.
  2. The Agent Advanced Setting 'ExtensionEnablement.INSTALL_BROWSER_EXTENSION.int' is set to 0, AND
    1. The browser extension is not deployed manually, OR
    2. The browser extension is not deployed in a way that our agent recognizes

Environment

DLP 15.8 and higher.

Resolution

Solution 1

If you are experiencing LGPO corruption, work directly with Microsoft to resolve it: Detecting Local Group Policy corruption

Solution 2

If you are managing browser extensions via GPO or other Endpoint Management methods and browser detection and URL recognition are functioning correctly, you can safely ignore this. This is working as designed to let administrators know that the DLP agent was either not able to deploy the Chrome/Edge extension, or that the agent was unable to detect the extension as having been deployed manually.

Additional Information

See also: Detecting Local Group Policy corruption

See also: DLP Agent Chrome and Edge browser extension management

Attachments