Note: For organizations deploying to a large amount of endpoints, ThreatLocker recommends using a staggered deployment approach. Organizations that deploy to a large number of endpoints at once may experience increased bandwidth usage as macOS Core and application definitions are downloaded to each endpoint. QOS can be used to limit bandwidth to macapps.threatlocker.com.
Below, you will find the steps for MAC deployment through Jamf Pro.
Step 1: Create the Script
Once logged into Jamf Pro, head to the Settings page and search for “Scripts”
After clicking on Scripts, click on Add and enter a display name for the new script.
Under the Script tab, import our MDM deployment script from the ThreatLocker portal into Jamf Pro.
To see where to get the latest version of our MDM script, please see the 'RMM Deployment' section of Deploying ThreatLocker | ThreatLocker Help Center (kb.help)
Be sure to replace the GroupKey with the group key of the Mac group, which can be located here.
Step 2: Set up the ThreatLocker Configuration Profile
After the script is imported and saved, head to the Computers page and click on Configuration Profiles. Click on the import button and import the unzipped .mobileconfig file from the following link:
https://static.threatlocker.com/deployment/A/ThreatLockerConfigurationProfile.zip
Once imported, make sure to define the scope of the profile.
Note: The Configuration Profile needs to be installed onto the Mac devices before the script is run. Otherwise, permissions for the agent must be granted manually.
Step 3: Add the Deployment Script to the Policy
After saving the profile, click on Policies and New to create a new policy. Give the policy a name and add your ThreatLocker deployment script to the policy.
Be sure to also define a scope for the policy before saving it.
ThreatLocker should now be deployed to the machines defined within your scope.