On the Computers page in the ThreatLocker Portal, you will notice there are 2 tabs at the top of the page. By default, you will be on the Computers Running ThreatLocker tab. This is where all the computers in your organization that have the ThreatLocker Agent installed will be listed.
The Computers Not Running ThreatLocker tab was designed for Active Directory environments. You will not need to utilize this tab if you are using an RMM as you can set up a continuous deployment whereby newly installed computers will automatically have ThreatLocker installed on whatever schedule you have set up.
Because GPO can sometimes be unreliable, ThreatLocker created a logon script that can be run to check for computers in your AD environment that are not running ThreatLocker. Once run, this script will send up the hostname of any computer not running ThreatLocker and it will be viewable on this tab.
Navigate to the Computers page. Then click the Computers Not Running ThreatLocker tab.
Click the 'Get Logon Scripts' button.
Your Authorization Key will be input into the script for you automatically.
You can select either the signed or unsigned version. The unsigned version was created to decrease the size of the file. Both scripts function exactly the same way.
The sample batch file that you can download from the 'Download Sample Batch File' button will provide an example of how to add the logon script to your existing login script.
Run this script on your AD server using admin credentials. It will check all computers in your AD environment for ThreatLocker. Any endpoint without ThreatLocker installed and running will have its hostname sent to the ThreatLocker Portal and be listed on the Computers Not Running ThreatLocker tab.