Deploying ThreatLocker to MAC through Jamf

2 min. readlast update: 08.01.2024
Note: For organizations deploying to a large amount of endpoints, ThreatLocker recommends using a staggered deployment approach. Organizations that deploy to a large number of endpoints at once may experience increased bandwidth usage as macOS Core and application definitions are downloaded to each endpoint. QOS can be used to limit bandwidth to macapps.threatlocker.com.

Below, you will find the steps for MAC deployment through Jamf Pro.

Step 1: Create the Script

Once logged into Jamf Pro, head to the Settings page and search for “Scripts” 

undefined

After clicking on Scripts, click on Add and enter a display name for the new script. 

undefined

Under the Script tab, import our MDM deployment script from the ThreatLocker portal into Jamf Pro. 

To see where to get the latest version of our MDM script, please see the 'RMM Deployment' section of Deploying ThreatLocker | ThreatLocker Help Center (kb.help)

Be sure to replace the GroupKey with the group key of the Mac group, which can be located here.

undefined

 

Step 2: Set up the ThreatLocker Configuration Profile

After the script is imported and saved, head to the Computers page and click on Configuration Profiles. Click on the import button and import the unzipped .mobileconfig file from the following link: 

https://static.threatlocker.com/deployment/A/ThreatLockerConfigurationProfile.zip 

 Once imported, make sure to define the scope of the profile. 

Note: The Configuration Profile needs to be installed onto the Mac devices before the script is run. Otherwise, permissions for the agent must be granted manually.

undefined

 

Step 3: Add the Deployment Script to the Policy

After saving the profile, click on Policies and New to create a new policy. Give the policy a name and add your ThreatLocker deployment script to the policy. 

Be sure to also define a scope for the policy before saving it.  

undefined

ThreatLocker should now be deployed to the machines defined within your scope.  

Was this article helpful?