Note: This requires .NET 4.7.2 or newer
Overview
This article covers the steps required to set up the ThreatLocker Active Directory Sync tool. The tool syncs your Active Directory groups to ThreatLocker so that you can select them when creating or editing policies.
Permitting the Service
Before installing the service, it is advised to create a policy that permits the "ThreatLocker AD Sync Service (Built-In)" application on the computer you are installing it on. That computer must already have ThreatLocker installed.
Set Up the Sync Service
Note: The tool does not have to be installed on a domain controller. If it is not installed on a domain controller, you must specify the domain controller in the CONFIG file.
Download the latest version of the AD Sync Tool here
- Download the .ZIP archive from the link above
- Extract the .ZIP archive to the root of the C:\ drive
If you extract the folder anywhere else, right-click the "install.bat" file, click Edit, and specify the exact location of the folder as shown below:
The folder can be placed anywhere, as long as its location is referenced correctly in the installation file.
- Create a new text document inside the extracted folder called apiurl.
- Inside the apiurl document, type the ThreatLocker API URL for your instance. For example, https://api.b.threatlocker.com.
- If the tool is installed on a domain controller, run the "Install.bat" file inside the ThreatLockerADSyncTool directory as an Administrator (no changes to the CONFIG file are needed).
- If the tool is not installed on a domain controller:
  - Go to the ThreatLockerADSyncTool directory
  - Open "ThreatLockerADSyncTool.exe.config" (the CONFIG file) in a text editor
  - Update the "DomainController" Value="" entry to include the hostname of the domain controller
  - Save the changes made to the CONFIG file
  - Run the "Install.bat" file inside the ThreatLockerADSyncTool directory as an Administrator (no additional changes to the CONFIG file are needed)
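The following PowerShell script is an added example of automating the pre-install steps above (it is not ThreatLocker's own installer or part of the original article). It assumes that the CONFIG file is a standard .NET <exe>.config with an <appSettings> entry whose key is "DomainController" (the article only shows the key name, so the XML layout is an assumption), that the tool folder path and API URL passed in are placeholders for your own values, and that the domain-controller role can be detected from Win32_ComputerSystem.DomainRole. It writes the apiurl file, sets the DomainController value only when the host is not a domain controller, confirms the session is elevated, and then runs Install.bat.

```powershell
# Added example (not ThreatLocker's own code): prepare the AD Sync Tool folder,
# then run Install.bat. All paths/URLs below are placeholders for your own values.
param(
    [string]$ToolDir = 'C:\ThreatLockerADSyncTool',        # placeholder: extracted folder
    [string]$ApiUrl  = 'https://api.b.threatlocker.com',    # example URL from the article
    [string]$DomainController = ''                          # leave empty when running on a DC
)

$ErrorActionPreference = 'Stop'

# 1. The tool and its CONFIG file must exist where we expect them.
$exe = Join-Path $ToolDir 'ThreatLockerADSyncTool.exe'
$cfg = "$exe.config"                      # assumption: standard .NET <exe>.config naming
if (-not (Test-Path $exe)) { throw "Tool not found: $exe" }
if (-not (Test-Path $cfg)) { throw "CONFIG file not found: $cfg" }

# 2. Write the apiurl file. Reject anything that is not https so a typo is
#    caught now instead of at sync time.
$uri = [Uri]$ApiUrl
if ($uri.Scheme -ne 'https') { throw "API URL must use https: $ApiUrl" }
Set-Content -Path (Join-Path $ToolDir 'apiurl') -Value $ApiUrl.TrimEnd('/') -Encoding ASCII -NoNewline

# 3. Only when this host is not a domain controller, set the DomainController value.
#    DomainRole 4 = backup DC, 5 = primary DC.
$isDc = (Get-CimInstance Win32_ComputerSystem).DomainRole -ge 4
if (-not $isDc) {
    if ([string]::IsNullOrWhiteSpace($DomainController)) {
        throw 'This host is not a domain controller; -DomainController is required.'
    }
    # Make sure the name resolves before persisting it in the CONFIG file.
    [void][System.Net.Dns]::GetHostEntry($DomainController)

    [xml]$xml = Get-Content -Path $cfg -Raw
    # Assumption: <appSettings><add key="DomainController" value="" /></appSettings>
    $node = $xml.SelectSingleNode("//appSettings/add[@key='DomainController']")
    if ($null -eq $node) { throw "No DomainController setting found in $cfg" }
    $node.SetAttribute('value', $DomainController)
    $xml.Save($cfg)
    Write-Host "DomainController set to '$DomainController' in $cfg"
} else {
    Write-Host 'Host is a domain controller; CONFIG file left unchanged.'
}

# 4. Install.bat must run as Administrator; verify before handing off.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]$identity
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated (Administrator) session.'
}
Start-Process -FilePath (Join-Path $ToolDir 'Install.bat') -WorkingDirectory $ToolDir -Wait
```

Run it from an elevated PowerShell session, for example `.\Prepare-ADSyncTool.ps1 -ToolDir 'C:\ThreatLockerADSyncTool' -DomainController 'dc01.example.local'` on a member server, or with no -DomainController on a domain controller. Resolving the hostname and validating the URL up front means a mistake surfaces before the service is installed rather than as a silent sync failure later.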
Updating the ThreatLocker Active Directory Sync Tool
If you are currently running an earlier version of this program, follow the update process below.
Stop the Service
- On the machine where the ThreatLocker AD Sync Tool is installed, open Command Prompt (Admin) and stop the service with the following command:
Net Stop ThreatLockerADSyncTool
Replace the files
- After confirming that the service has stopped, open the directory where ThreatLockerADSyncTool.exe and its CONFIG file are located
- Replace the old ThreatLockerADSyncTool.exe and CONFIG file with the latest versions
- If the tool is not on a domain controller, edit the CONFIG file to re-apply the DomainController value
- Save the CONFIG file
Start the Service
- Restart the service on the machine by opening Command Prompt (Admin) and starting the service with the following command:
Net Start ThreatLockerADSyncTool
Running the ADSyncTool After a Failed Attempt
If you have already downloaded the ADSyncTool and an attempt to run it failed, you may need to remove the groups.json and uploads.json files from the ThreatLockerADSyncTool folder. You can do this by moving the files elsewhere or by deleting these two files.
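The following PowerShell script is an added example (not ThreatLocker's own update procedure) that carries out the stop, replace and start sequence from the update section above, and, with the -ResetState switch, also performs the groups.json/uploads.json cleanup described for a failed attempt. It assumes the service name "ThreatLockerADSyncTool" used by the article's Net Stop/Net Start commands, placeholder paths for the existing tool folder and for the folder holding the newly extracted files, and the same <appSettings> "DomainController" layout for the CONFIG file (an assumption; the article shows only the key name). Rather than deleting anything, it moves the replaced files and the stale JSON files into a timestamped backup folder so the previous state can be restored.

```powershell
# Added example (not ThreatLocker's own code): update the AD Sync Tool in place.
# Stops the service, backs up and replaces the exe + CONFIG, carries the
# DomainController value forward when this host is not a DC, optionally moves the
# groups.json / uploads.json files aside, then starts the service again.
param(
    [string]$ToolDir     = 'C:\ThreatLockerADSyncTool',           # placeholder: installed tool
    [string]$NewFilesDir = 'C:\Temp\ThreatLockerADSyncTool-new',  # placeholder: extracted new ZIP
    [switch]$ResetState                                           # use after a failed run
)
$ErrorActionPreference = 'Stop'
$svcName = 'ThreatLockerADSyncTool'            # service name from the article's Net Stop/Net Start
$exeName = 'ThreatLockerADSyncTool.exe'
$cfgName = "$exeName.config"                   # assumption: standard .NET <exe>.config naming
$dcXPath = "//appSettings/add[@key='DomainController']"   # assumption about CONFIG layout

# 1. Stop the service and wait until it has actually stopped before touching files.
$svc = Get-Service -Name $svcName
if ($svc.Status -ne 'Stopped') {
    Stop-Service -Name $svcName
    $svc.WaitForStatus('Stopped', [TimeSpan]::FromSeconds(60))
}

# 2. Remember the current DomainController value so it can be re-applied to the new CONFIG.
$oldDc  = $null
$oldCfg = Join-Path $ToolDir $cfgName
if (Test-Path $oldCfg) {
    [xml]$old = Get-Content -Path $oldCfg -Raw
    $node = $old.SelectSingleNode($dcXPath)
    if ($null -ne $node) { $oldDc = $node.GetAttribute('value') }
}

# 3. Move the old exe and CONFIG into a timestamped backup folder, then copy in the new ones.
$backup = Join-Path $ToolDir ("backup-" + (Get-Date -Format 'yyyyMMdd-HHmmss'))
New-Item -ItemType Directory -Path $backup | Out-Null
foreach ($name in @($exeName, $cfgName)) {
    $src = Join-Path $NewFilesDir $name
    if (-not (Test-Path $src)) { throw "New file missing: $src" }
    $dst = Join-Path $ToolDir $name
    if (Test-Path $dst) { Move-Item -Path $dst -Destination $backup }
    Copy-Item -Path $src -Destination $dst
}

# 4. If this host is not a domain controller, write the saved DomainController value
#    into the new CONFIG file (DomainRole 4/5 = backup/primary DC).
$isDc = (Get-CimInstance Win32_ComputerSystem).DomainRole -ge 4
if (-not $isDc) {
    if ([string]::IsNullOrWhiteSpace($oldDc)) {
        throw 'Host is not a DC and no DomainController value was found to carry forward.'
    }
    $newCfg = Join-Path $ToolDir $cfgName
    [xml]$new = Get-Content -Path $newCfg -Raw
    $node = $new.SelectSingleNode($dcXPath)
    if ($null -eq $node) { throw "No DomainController setting found in $newCfg" }
    $node.SetAttribute('value', $oldDc)
    $new.Save($newCfg)
}

# 5. Optional reset after a failed attempt: move groups.json and uploads.json aside.
if ($ResetState) {
    foreach ($name in @('groups.json', 'uploads.json')) {
        $p = Join-Path $ToolDir $name
        if (Test-Path $p) { Move-Item -Path $p -Destination $backup }
    }
}

# 6. Start the service and confirm it reaches the Running state.
Start-Service -Name $svcName
(Get-Service -Name $svcName).WaitForStatus('Running', [TimeSpan]::FromSeconds(60))
Write-Host "$svcName is running; previous files saved under $backup"
```

Run it from an elevated session, e.g. `.\Update-ADSyncTool.ps1 -NewFilesDir 'C:\Temp\ThreatLockerADSyncTool-new' -ResetState`. Waiting on the service status rather than assuming Net Stop returned promptly avoids overwriting an executable that is still loaded, and keeping the moved files in the backup folder means a bad update or an unwanted cache reset can be reversed without re-downloading anything.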
ThreatLocker collects the following data from your AD environment:
- Group Names
- distinguishedNames