When using Google Admin to automate the installation of the DNA Agent extension onto a Chromebook whenever a managed user logs in, it is possible that the DNA Agent extension will also be added to a Chrome browser on a machine if the user signs into the browser.
This may lead to the DNA Agent extension on the Chrome browser making a connection to the DNA Server, and an entry will appear as the user’s email address under the Unassigned department in the PCs hierarchy in the DNA Console. This entry will use up one of the DNA Agent licences on the DNA Server.
To prevent the DNA Agent extension from being added to the Chrome browser, please use the following information.
Google provides ADM and ADMX templates that allow you to block an extension from being installed on a Chrome browser:
https://support.google.com/chrome/a/answer/7532015?hl=en
Using the ADM or ADMX files, you can configure a policy called ExtensionInstallBlackList. When you apply this policy to a Windows machine using a GPO, you can add the ID for the extension that you do not want to be added to the Chrome browser.
The ID of the Chrome extension can be found by viewing the last part of the URL in the Chrome Web Store, e.g. https://chrome.google.com/webstore/detail/netsupport-dna-agent/cmpcofplgblhofbilhpjbgabfmignpdh
With the extension ID added to the ExtensionInstallBlackList policy, the extension will not be added to the Chrome browser, and for any user where it has already been added, it will disable the extension.