Long Arrow Right External Link angle-right Search Times Spinner angle-left
Go to ThreatLocker

Search our Knowledge Base

Deploy ThreatLocker Using System Center Configuration Manager (SCCM)

Updated January 17, 2023

Obtain the MSI file

  • Log into the ThreatLocker portal
  • Click on Deployment Center
  • Select the organization you are deploying into
  • Download the MSI Installer for the group you are installing

Additionally, the MSI file can be obtained on the Computers page by clicking on ‘Install New Computer’ and accepting the EULA. For additional information please see the ‘Deploying the ThreatLocker Agent’ course in ThreatLocker University.

Create the Application in SCCM

  • Launch the SCCM console.
  • Select Software Library > Application Management > Applications
  • On the Home tab, in the Create group, choose Create Application
  • On the General page of the Create Application Wizard, choose Automatically detect information about this application from installation files. Then specify the following information:
    • Type: Choose Windows Installer (*.msi file)
    • Location: Specify the location of the .msi file
    • The location must be a Networkshare
  • Choose Next. 
  • Review the Import Information page and choose Next again
  • On the General Information page, you can supply further information about the application to help you sort and locate it in the Configuration Manager console. Choose Next.
  • On the Summary page, you can confirm your application settings and then complete the wizard.

Prior to deployment, add a requirement to specify conditions that must be met before the application is installed on a device and distribute the application content to a distribution point. Review the source article linked at the top of the page for more information.

Deploy the ThreatLocker Application in SCCM

  • Launch the SCCM console
  • Select Software Library > Application Management > Applications
  • Select the application you created earlier
  • On the Home tab in the Deployment group, choose Deploy.
  • On the General page of the Deploy Software Wizard, choose Browse to select the All Systems device collection.
  • On the Content page, check that the distribution point from which you want PCs to install the application is selected.
  • On the Deployment Settings page, make sure that the deployment action is set to Install, and the deployment purpose is set to Required.
  • On the Scheduling page, you can configure when the application will be installed. It is recommended to select ‘As soon as possible after the available time’.
  • On the User Experience page, choose Next to accept the default values.
  • Complete the wizard.