Deploying ThreatLocker to Mac with the Addigy MDM
Below are the steps for deploying ThreatLocker to Mac through the Addigy MDM.
Step 1: Create a new Smart Software item to deploy ThreatLocker.



Locate your GroupKey and substitute it for the placeholder value in the script below.
Script:
#!/bin/bash
# Replace the placeholder with your ThreatLocker GroupKey.
GroupKey="xxxxxxxxxxxxxxxxxxxxx"

# Install only if the app bundle is not already present.
if [ ! -d /Applications/Threatlocker.app ]
then
    # Download the archive, drop the __MACOSX metadata entries, and unpack it.
    curl --output-dir "/private/var/tmp" -O https://updates.threatlocker.com/repository/mac/2.0/Threatlocker.app.zip
    zip -d /private/var/tmp/Threatlocker.app.zip __MACOSX/\*
    unzip -qq /private/var/tmp/Threatlocker.app.zip -d /Applications
    if [ ! -d /Applications/Threatlocker.app ]
    then
        echo "Not able to download the file"
        exit 1
    else
        # Launch the app, passing the group key (quoted so it stays one argument).
        open /Applications/ThreatLocker.app --args -groupKey "$GroupKey"
        echo "Installing Threatlocker"
        sleep 15
        echo "Verifying Group Key"
        sleep 15
        # The support directory exists only after a successful install.
        if [ ! -d /Library/Application\ Support/Threatlocker ]
        then
            echo "GroupKey is Invalid"
            exit 1
        else
            echo "Threatlocker Installed"
            exit 0
        fi
    fi
fi

# Reached only when the app bundle was already present at the start.
if [ -d /Applications/ThreatLocker.app ]
then
    echo "Threatlocker is already installed"
    exit 1
fi
Step 2: Make an MDM profile to allow the ThreatLocker System Extension to be installed.



Team Identifier: MSY54GN4KF
Step 3: Make an MDM profile to allow the ThreatLocker Web Content Filter to be installed.


Bundle Identifier: com.threatlocker.app
Designated Requirement: anchor apple generic and identifier "com.threatlocker.app" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = MSY54GN4KF)
To allow Full Disk Access, we need to make a PPPC profile. When making this PPPC profile, use the following Identifier and Code Requirement.
Identifier: com.threatlocker.app.agent
Code Requirement: anchor apple generic and identifier "com.threatlocker.app.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = MSY54GN4KF)


To allow ThreatLocker notifications, we need to make a notification profile. Below is the Identifier you will need to use:
Identifier: com.threatlocker.app.UIAgent


Step 4: Add the Smart Software and the MDM profile to a policy so it can be deployed.
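
The Step 1 script opens the downloaded bundle without checking who signed it. As an added example (not part of the original article or ThreatLocker's own tooling), the functions below check the unpacked app with macOS `codesign` against the Designated Requirement from Step 3 and the Team Identifier from Step 2; the function names and the `check` argument are assumptions of this example.

```bash
#!/bin/bash
# Added example: verify the signer of the unpacked bundle before launching it.
APP="/Applications/Threatlocker.app"   # install path used by the Step 1 script
TEAM_ID="MSY54GN4KF"                   # Team Identifier from Step 2

# Designated Requirement from Step 3, with the team ID passed in as $1.
app_requirement() {
    printf '%s' "anchor apple generic and identifier \"com.threatlocker.app\" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = $1)"
}

# Extract the TeamIdentifier value from `codesign -d` output read on stdin.
team_id_from_codesign() {
    sed -n 's/^TeamIdentifier=//p' | head -n 1
}

# Return 0 only if bundle $1 is validly signed by team $2.
verify_app() {
    app="$1"; team="$2"
    # Signature seal must be intact and satisfy the requirement
    # (-R takes the requirement text prefixed with "=").
    codesign --verify --strict -R="$(app_requirement "$team")" "$app" \
        >/dev/null 2>&1 || return 1
    # Cross-check the team ID codesign reports (details are written to stderr).
    found=$(codesign -d --verbose=2 "$app" 2>&1 | team_id_from_codesign)
    [ "$found" = "$team" ]
}

# Run as "<script> check" to gate the launch on the result.
if [ "${1:-}" = "check" ]; then
    if verify_app "$APP" "$TEAM_ID"; then
        echo "Signature OK (team $TEAM_ID)"
    else
        echo "Signature check failed for $APP"
        exit 1
    fi
fi
```

Call `verify_app` between the `unzip` and `open` lines of the Step 1 script and exit non-zero on failure, as the script already does for a failed download.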

