DLP Agent shown in Critical or Warning status with alert 'Chrome|Edge extension not deployed'
Article ID: 212090
Updated On:
Products
Issue/Introduction
You observe agents shown in the Enforce Console in Critical or Warning status and the agent events contain a recent 'Chrome|Edge extension not deployed' event, such as shown below:
Cause
There are multiple reasons this could occur:
- The extension failed to deploy due to LGPO corruption.
- The Agent Advanced Setting 'ExtensionEnablement.INSTALL_BROWSER_EXTENSION.int' is set to 0, AND
- The browser extension is not deployed manually, OR
- You may see these alerts as false positives if you are running DLP 15.8 due to a race condition. This can happen if an end-user opens and closes Chrome or Edge in a shorter time than the PluginInstaller.TAMPERPROOFING_IGNORE_PROCESS_TIMEOUT.int value multiplied by 5.
- If EDPA.exe crashes while brkrprcs64.exe is still running and gets restarted by the watchdog process WDP.exe as shown in the screenshot below:
Environment
DLP 15.8 and higher.
Resolution
Solution 1
If you are experiencing LGPO corruption, work directly with Microsoft to resolve it. See: Detecting Local Group Policy corruption
Solution 2.1
If you are deploying the browser extensions manually, ensure that you are deploying it in the correct way, and that it is the correct version for your agent. See: DLP Agent Chrome and Edge browser extension management
Solution 2.2
If you are seeing these alerts as false positives (detection and URL reporting is working) and are running an affected version of 15.8, this has been resolved as of 15.8 MP1 HF6.
Solution 3
There are multiple ways to work around this, including:
- Restarting the affected browser on the endpoint, and wait for PluginInstaller.TAMPERPROOFING_IGNORE_PROCESS_TIMEOUT.int value multiplied by 5
- Resetting the log level on the agent from the Agent Overview, troubleshooting menu
Additional Information
Attachments
Feedback
