Tech Community Live: Endpoint Manager edition
Jul 21 2022, 08:00 AM - 12:00 PM (PDT)

Microsoft_Intune_DeviceSettings extension failed to load.

%3CLINGO-SUB%20id%3D%22lingo-sub-3389329%22%20slang%3D%22en-US%22%3EMicrosoft_Intune_DeviceSettings%20extension%20failed%20to%20load.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3389329%22%20slang%3D%22en-US%22%3E%3CP%3EWhen%20I%20am%20trying%20to%20access%20endpoint.microsoft.com%2C%20I%20get%20the%20below%20message%20about%20intune%20device%20settings%20extension%2C%20then%20the%20screen%20continues%20to%20show%20the%203%20dots%20and%20nothing%20happens.%20This%20only%20happens%20on%20our%20corporate%20network.%20It%20loads%20fine%20when%20on%20home%20internet.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThings%20I%20have%20tried%3A%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E-%20confirmed%20third%20party%20cookies%20enabled%20for%20this%20site%3C%2FP%3E%3CP%3E-%20no%20pop-ups%20being%20blocked.%26nbsp%3B%3C%2FP%3E%3CP%3E-%20cannot%20see%20any%20traffic%20being%20blocked%20on%20the%20firewall.%20As%20per%20closest%20article%20i've%20found%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-intune%2Ferror-while-loading-extension-microsoft-intune-devicesettings%2Fm-p%2F2168400%23M6097%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-intune%2Ferror-while-loading-extension-microsoft-intune-devicesettings%2Fm-p%2F2168400%23M6097%3C%2FA%3E%26nbsp%3BI%20whitelisted%20graph.windows.net%20on%20the%20FW%20with%20no%20success.%26nbsp%3B%3C%2FP%3E%3CP%3E-%20I%20have%20tried%20Chrome%2C%20Edge%2C%20both%20normal%20and%20in%20incognito%20mode.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20also%20included%20a%20screenshot%20from%20fiddler%20to%20show%20the%20process%20the%20browser%20goes%20through.%20I%20tried%20adding%20those%20URL's%20to%20permitted%20sites%20on%20the%20FW%20with%20no%20luck.%20Any%20advice%20would%20be%20appreciated.%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3Cspan%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_0-1652815572363.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3Cimg%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F372544iD8C412342FD00092%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22lalan8499_0-1652815572363.png%22%20alt%3D%22lalan8499_0-1652815572363.png%22%20%2F%3E%3C%2Fspan%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3Cspan%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_1-1652815583796.png%22%20style%3D%22width%3A%20342px%3B%22%3E%3Cimg%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F372545i657E235917EE6AE1%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22lalan8499_1-1652815583796.png%22%20alt%3D%22lalan8499_1-1652815583796.png%22%20%2F%3E%3C%2Fspan%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3Cspan%20class%3D%22lia-inline-image-display-wrapper%22%20image-alt%3D%22lalan8499_2-1652815830567.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3Cimg%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F372549iDCCA1D8BC7FADBAE%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22lalan8499_2-1652815830567.png%22%20alt%3D%22lalan8499_2-1652815830567.png%22%20%2F%3E%3C%2Fspan%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3389329%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3389866%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft_Intune_DeviceSettings%20extension%20failed%20to%20load.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3389866%22%20slang%3D%22en-US%22%3E%3CP%3EHi..%20seen%20it%20happening%20with%20ssl%20inspection%20software%2Ffirewalls%20or%20something%20like%20%3CSPAN%3EPihole%3C%2FSPAN%3E.%20if%20it%20works%20at%20your%20home%20internet...%20there%20must%20be%20some%20blocker%20at%20the%20corporate%20network.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3455583%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft_Intune_DeviceSettings%20extension%20failed%20to%20load.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3455583%22%20slang%3D%22en-US%22%3EHi%20Rudy%2C%3CBR%20%2F%3E%3CBR%20%2F%3EThank%20you%20for%20the%20response.%20I%20thought%20I%20had%20replied%20earlier.%20That%20is%20my%20thought%20as%20well%2C%20but%20i've%20tried%20suggestions%20to%20unblock%20graph.windows.net%20I%20saw%20in%20another%20post%2C%20as%20well%20as%20making%20sure%20to%20add%20all%20related%20URL's%20to%20the%20whitelist%20on%20the%20FW%20with%20no%20luck.%20I%20even%20went%20as%20far%20as%20excluding%20from%20SSL%20with%20the%20same%20behavior.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3459120%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft_Intune_DeviceSettings%20extension%20failed%20to%20load.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3459120%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1392863%22%20target%3D%22_blank%22%3E%40lalan8499%3C%2FA%3E%26nbsp%3BWhat%20happens%20when%20you%20access%20%3CA%20href%3D%22https%3A%2F%2Fafd.hosting.portal.azure.net%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fafd.hosting.portal.azure.net%3C%2FA%3E%20directly%3F%20It%20should%20return%20a%20404%20but%20it'll%20let%20you%20test%20if%20the%20SSL%2FTLS-handshake%20is%20successful.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ELike%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F620702%22%20target%3D%22_blank%22%3E%40Rudy_Ooms_MVP%3C%2FA%3E%2C%26nbsp%3BI%20would%20expect%20there's%20some%20kind%20of%20inspection%20going%20on%20somewhere%20along%20the%20route.%20Is%20there%20a%20proxy%20in%20play%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3459144%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft_Intune_DeviceSettings%20extension%20failed%20to%20load.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3459144%22%20slang%3D%22en-US%22%3EWhat%20happens%20when%20totally%20removing%2Fbypassing%20the%20proxy%2Fssl%20inspection%20that%20is%20configured.I%20am%20assuming%20that%20works%20as%20expected%3F%20because%20that%20sandbox-60%20mentioned%20is%20your%20proxy%20or%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3460443%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft_Intune_DeviceSettings%20extension%20failed%20to%20load.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3460443%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F620702%22%20target%3D%22_blank%22%3E%40Rudy_Ooms_MVP%3C%2FA%3E%26nbsp%3B%20We%20confirmed%20that%20it%20works%20as%20expected%2C%20as%20we%20have%20done%20it%20successfully%20for%20other%20websites.%20After%20some%20more%20investigation%2C%20we%20found%20out%20that%20the%20microsoft-intune%20application%20category%20on%20the%20palo%20alto%20fw%20was%20being%20blocked.%20we%20didn't%20see%20it%20in%20the%20original%20traffic%20as%20we%20had%20to%20investigate%20a%20bit%20in%20url%20logs%20to%20determine%20which%20IP%20it%20was%20re-directing%20to.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

When I am trying to access endpoint.microsoft.com, I get the below message about intune device settings extension, then the screen continues to show the 3 dots and nothing happens. This only happens on our corporate network. It loads fine when on home internet. 

 

Things I have tried: 

 

- confirmed third party cookies enabled for this site

- no pop-ups being blocked. 

- cannot see any traffic being blocked on the firewall. As per closest article i've found: https://techcommunity.microsoft.com/t5/microsoft-intune/error-while-loading-extension-microsoft-intu... I whitelisted graph.windows.net on the FW with no success. 

- I have tried Chrome, Edge, both normal and in incognito mode. 

 

I have also included a screenshot from fiddler to show the process the browser goes through. I tried adding those URL's to permitted sites on the FW with no luck. Any advice would be appreciated. 

lalan8499_0-1652815572363.png

lalan8499_1-1652815583796.png

lalan8499_2-1652815830567.png

 

 

 

5 Replies

Hi.. seen it happening with ssl inspection software/firewalls or something like Pihole. if it works at your home internet... there must be some blocker at the corporate network.

Hi Rudy,

Thank you for the response. I thought I had replied earlier. That is my thought as well, but i've tried suggestions to unblock graph.windows.net I saw in another post, as well as making sure to add all related URL's to the whitelist on the FW with no luck. I even went as far as excluding from SSL with the same behavior.

@lalan8499 What happens when you access https://afd.hosting.portal.azure.net directly? It should return a 404 but it'll let you test if the SSL/TLS-handshake is successful.

 

Like @Rudy_Ooms_MVP, I would expect there's some kind of inspection going on somewhere along the route. Is there a proxy in play?

What happens when totally removing/bypassing the proxy/ssl inspection that is configured.I am assuming that works as expected? because that sandbox-60 mentioned is your proxy or?

@Rudy_Ooms_MVP  We confirmed that it works as expected, as we have done it successfully for other websites. After some more investigation, we found out that the microsoft-intune application category on the palo alto fw was being blocked. we didn't see it in the original traffic as we had to investigate a bit in url logs to determine which IP it was re-directing to.