By utilizing advanced maintenance modes, you will have the opportunity to schedule maintenance modes as well as customize the modes to fit your needs.
From the Computers page, select 'Advanced' from the quick dropdown menu OR select the 'Maintenance Mode' button next to the computer you wish to enable an advanced maintenance period on.
Both options will open the 'Maintenance Schedule' window.
In the top left, select the desired maintenance type from the 'Maintenance Type' dropdown menu. For assistance with the different types of maintenance periods and what they accomplish, please see the associated article here.
If you select either Installation Mode or Learning Mode, the 'Application' dropdown will populate on the right side. Here, you will need to select 'Create New Application', or choose the application you are enabling the maintenance period for.
For Learning Mode only, you can also choose to select 'Automatic' which permits ThreatLocker to decide what applications to place the files learned into.
Once you make your selection from the 'Application' dropdown, next, you need to select where to permit the learned application. In the 'Permit this Application for:' dropdown, select 'Entire Organization', 'Computer Group', 'This Computer', or 'Create Application Only'. This is where you are choosing to apply the new policy to.
- The entire organization - applies the policy to the entire organization
- A computer group - applies the policy just to a specified computer group
- This computer only - applies the policy just to this specific computer
Below the 'Maintenance Type' and 'Application' settings is the 'Start' and 'End' settings. Here, you can select a specific start time and end time for any of the maintenance periods. By default, this will select a start time of now and an end time of 1 hour later.
Below the Start and End time, there is a checkbox where you can allow the end user to end the schedule from their computer. This will send a popup to the target computer when the schedule begins with a countdown timer until the end of the period as well as an 'End' button so they can end the maintenance period once they have completed their task and no longer need the maintenance mode.
Below the checkbox, there is a section where you can select to apply the maintenance period to all users on the endpoint or select specific users to apply the maintenance period to.
Please note, if you select a specific user, the computer will remain in Secured Mode for every other user on that endpoint, including the SYSTEM user. The only user that will be able to utilize the maintenance period will be the user you have specified here. Depending on what you are installing, it may be necessary to add the NT AUTHORITY\SYSTEM user to this list as well.
When selecting specific users, insert the domain\username into the textbox under 'Users' and then click 'Add User'. The username must include the domain\. Wildcards will not work in this area. To remove a user from the list, select the user and click 'Remove User'.
After you have made all the selections, click the 'Add Maintenance Schedule' button and the maintenance period will begin upon the next check-in after the specified start time. The period will be added to the grid list as shown in the screenshot below.
If you elect to end the maintenance period at any point, navigate back to this window and select the 'End' button next to the period you wish to end.