Note: For organizations deploying to a large amount of endpoints, ThreatLocker recommends using a staggered deployment approach. Organizations that deploy to a large number of endpoints at once may experience increased bandwidth usage as macOS Core and application definitions are downloaded to each endpoint. QOS can be used to limit bandwidth to macapps.threatlocker.com.
Under Policy Management, create a new policy and use a blank template:
Give the policy a name and switch to the macOS tab.
Once macOS is selected, scroll down and select “Deploy Custom Configuration".
Unzip the following file and upload the .mobileconfig file:
https://static.threatlocker.com/deployment/A/ThreatLockerConfigurationProfile.zip
Note: The Configuration Profile needs to be installed onto the Mac devices before the script is run. Otherwise, permissions for the agent must be granted manually.
Next, switch to scripts and upload the MDM deployment article from the ThreatLocker portal into the Hexnode portal.
To see where to get the latest version of our MDM script, please see the 'RMM Deployment' section of Deploying ThreatLocker | ThreatLocker Help Center (kb.help)
Be sure to modify the script to include your GroupKey, which can be found here.
Set the script to execute on subsequent user log on.
Once the script is uploaded, save the policy. On the Policy Management screen, select the policy, click on Manage, and then click on Associate targets. Select the machines you would like to associate with this policy.
Once the policy is applied, the next time a user logs in, ThreatLocker will be installed.