 

> Note: For organizations deploying to a large number of endpoints, ThreatLocker recommends using a staggered deployment approach. Organizations that deploy to a large number of endpoints at once may experience increased bandwidth usage as Windows Core and application definitions are downloaded to each endpoint. QOS can be used to limit bandwidth to corecdn.threatlocker.com and apps.threatlocker.com 

Note: This article is based on documentation from Microsoft and has not been verified by the ThreatLocker team.  

Source:   

To deploy ThreatLocker using Intune, follow the steps below. 


GETTING THE POWERSHELL SCRIPT 


STEP 1: 

Log into the ThreatLocker Portal. Make sure you are managing the correct organization or switch organizations using the ‘Organizations’ page. Select the ‘Devices’ page and select ‘Install Computer’. 

 


STEP 2: 

Select ‘’Manual Deployment’ from the dropdown labeled ‘Select your deployment method’, then select the computer group the machine will belong to. Download the PowerShell Script for the selected group. 

 

 


ADDING THE POWERSHELL SCRIPT INTO MICROSOFT INTUNE 


STEP 1: 

Sign into Intune and navigate to Devices > Windows > Scripts and remediations > Platform scripts > Add 

  

 

 


STEP 2: 

In the ‘Basics’ section, insert a name for your script. This can be named anything. Additionally, you can provide a description for the script. Select ‘Next’. 

  


STEP 3: 

Within ‘Script settings’, use the ‘File Explorer’ icon to locate the script location. Select ‘No’ on all options underneath ‘Script Location’, then select ‘Next’. 

  


STEP 4:  

In ‘Assignments’, define the scope of where you want this script to execute. In this example, we will be deploying to All Devices. You can optionally add groups to exclude as well. Select 'Next'. 

 


STEP 5: 

In ‘Review + add’, review your setup and ensure all settings are set correctly. Select the ‘Add’ button at the bottom of the page. 

 

After adding the script, please give your endpoints a reboot in order for ThreatLocker to install. Intune can take up to 15 minutes after the reboot to deploy the ThreatLocker deployment script to your endpoints. 

Deploy ThreatLocker Using Intune

Deploying ThreatLocker to MAC with Addigy MDM

Deploying ThreatLocker with N-able RMM

Deploying ThreatLocker with NinjaRMM – PowerShell Script

Deploying ThreatLocker Using DattoRMM

Deploying ThreatLocker with ConnectWise Command (Formerly Continuum RMM)

Deploying ThreatLocker using Atera - PowerShell Script

Deploying ThreatLocker with N-Central

Deploying ThreatLocker with ConnectWise Automate

Deploying ThreatLocker with a datto RMM Component

ConnectWise Automate Continuous Deployment

Deploying ThreatLocker via GPO with a startup script

Changing How Computers Initially Learn Once Deployed (Computer, Group, or System Policies)

Deploying ThreatLocker using SyncroRMM - PowerShell Script

Deploying ThreatLocker using ConnectWise Control

Deploying ThreatLocker in a VDI environment 

Deploying ThreatLocker with Kaseya VSA

Deploying ThreatLocker using ConnectWise RMM

Deploy ThreatLocker Using System Center Configuration Manager (SCCM)

Deploying the ThreatLocker Agent through Kaseya VSA X

Deploying ThreatLocker to MAC with Kandji MDM

Deploying ThreatLocker to MAC through Jamf

Deploying ThreatLocker to MAC with Intune

Deploying ThreatLocker using SyxSense 

Deploying ThreatLocker to MAC with Hexnode MDM

Deploying ThreatLocker to MAC using VMWare Workspace ONE UEM

Deploying the ThreatLocker MSI through GPO 

Allowing ThreatLocker Communication Through an  Authenticated Proxy Server 

Deploying ThreatLocker to Windows XP

Deploying ThreatLocker using Action1

Deployment

Search our Knowledge Base

Deploy ThreatLocker Using Intune

Getting the PowerShell Script

Step 1:

Step 2:

Adding the PowerShell Script into Microsoft Intune

Step 1:

Step 2:

Step 3:

Step 4:

Step 5: