Note: For organizations deploying to a large amount of endpoints, ThreatLocker recommends using a staggered deployment approach. Organizations that deploy to a large number of endpoints at once may experience increased bandwidth usage as macOS Core and application definitions are downloaded to each endpoint. QOS can be used to limit bandwidth to macapps.threatlocker.com
Below, you will find the steps for MAC deployment through Microsoft Intune.
Step 1: Import Configuration Profile for ThreatLocker
Download the following ZIP file, unzip the configuration profile, and import it into the Intune portal: https://static.threatlocker.com/deployment/A/ThreatLockerConfigurationProfile.zip
Assign this profile to the group(s) that you are deploying ThreatLocker to.
Step 2: Import Deployment Script for ThreatLocker
Download the script from the following link and save it as “ThreatLockerDeploymentScript-MDM.sh”
https://static.threatlocker.com/deployment/A/ThreatLockerDeploymentScript-MDM.txt
Locate your GroupKey and replace it in the code "xxxxxxxxxxxxxxxxxxxxxxxx".
Save the file as ThreatLocker_Install.sh
From Intune Navigate to Devices > macOS > Shell Scripts > Select Add
Name the script ThreatLocker Deployment Script and Select Next
Under Upload script navigate to the ThreatLocker_Install.sh file
Select the following options:
- Run script as signed-in user: No
- Hide script notifications on devices: Yes
- Script frequency: Every 1 day (this can be reduced to 15 minutes for testing)
- Max number of times to retry if script fails: 3 times
Add to the Same Group as the Configuration Profile has been added.
Select Next > Add
You can monitor the deployment through the script overview: