Deploy ThreatLocker Using Intune

2 min. readlast update: 04.03.2025
 

Note: For organizations deploying to a large number of endpoints, ThreatLocker recommends using a staggered deployment approach. Organizations that deploy to a large number of endpoints at once may experience increased bandwidth usage as Windows Core and application definitions are downloaded to each endpoint. QOS can be used to limit bandwidth to corecdn.threatlocker.com and apps.threatlocker.com 

Note: This article is based on documentation from Microsoft and has not been verified by the ThreatLocker team.  

To deploy ThreatLocker using Intune, follow the steps below. 

Getting the PowerShell Script 

Step 1: 

Log into the ThreatLocker Portal. Make sure you are managing the correct organization or switch organizations using the Organizations page. Select the Devices page and select Install Computer’. 

 

Step 2: 

Select Manual Deployment’ from the dropdown labeled ‘Select your deployment method’, then select the computer group the machine will belong to. Download the PowerShell Script for the selected group. 

 

 

Adding the PowerShell Script into Microsoft Intune 

Step 1: 

Sign into Intune and navigate to Devices > Windows > Scripts and remediations > Platform scripts > Add 

  

 

 

Step 2: 

In the ‘Basics’ section, insert a name for your script. This can be named anything. Additionally, you can provide a description for the script. Select ‘Next’. 

  

Step 3: 

Within Script settings’, use the ‘File Explorer’ icon to locate the script location. Select ‘No’ on all options underneath ‘Script Location’, then select ‘Next’. 

  

Step 4:  

In ‘Assignments’, define the scope of where you want this script to execute. In this example, we will be deploying to All Devices. You can optionally add groups to exclude as well. Select 'Next'. 

 

Step 5: 

In ‘Review + add’, review your setup and ensure all settings are set correctly. Select the ‘Add’ button at the bottom of the page. 

 

After adding the script, please give your endpoints a reboot in order for ThreatLocker to install. Intune can take up to 15 minutes after the reboot to deploy the ThreatLocker deployment script to your endpoints. 

Was this article helpful?