Help CenterThis article will demonstrate how to deploy ThreatLocker using Atera. This method will require the ThreatLocker deployment PowerShell for Atera and PowerShell 4.0.
Creating the Script
In your Atera account, navigate to the 'Admin' page using the left-hand sidebar.
Select the 'Monitoring and automation' dropdown from the 'Admin' page, then select 'Scripts' from the list of available options.
On the scripts page, select the 'Create script' button in the top right corner.
Selecting this button will open the 'Create script' page. Here, you are given several fields to fill out for creating your script.
To begin, enter your 'Script Name' and 'Script Description', then ensure that the '.ps1' file type is selected.
Note: It is optional to modify the remaining script properties. The remaining properties can be left as the default selections.
In your ThreatLocker Portal now, select the 'Install Computer' button. This button is located in the top right corner of every page on the ThreatLocker portal. It is also available in the 'Devices' page.
Selecting this button will open the 'Download Installer' window. From here, in the 'Select your deployment method' dropdown, choose 'Atera' from the available options.
Select the 'Installation Script' button to download the PowerShell script as a .txt file.
Once the script has been downloaded, copy and paste it into the 'Script editor' section of the 'Scripts' page.
Select the 'Create' button to finish creating your ThreatLocker Deployment script.
You will now see your newly created script in the 'Scripts' page.
Deployment
To deploy your ThreatLocker Deployment script, navigate to the 'Devices' page in your Atera account.
From here, select the devices you want to run this script on. You can either select individual devices or multiple at a time. As long as there is at least one device selected, you will see a button labeled 'Run Script' at the top of the page. Select this button.
Selecting the 'Run Script' button will open a list of existing scripts in your Atera account. Navigate to your ThreatLocker Deployment .ps1 script, then select 'Run'.
Before the script can be run, you are required to fill in three variables that must be assigned values before running your script. Those three values are as follows:
- organizationName* - The Organization name should be entered as you want it to appear in your ThreatLocker portal. If you enter an Organization name that does not exist in your portal, a new organization will be created. The Organization name and identifier will be the same if created during deployment. To insert a machine into a pre-existing organization within your portal, you must insert the name of the identifier rather than the Organization name.
- computerGroup* - Insert the name of the Computer Group you would like this machine to belong to. 'Workstations' and 'Servers' groups are created by default upon the generation of a new organization. You can also put a custom computer group in this space, which will be generated upon the deployment of your script and the addition of the computer to your computer group.
- UniqueIdentifier* - Enter your Unique Identifier. The unique identifier can be found in your 'Deployment Center' tab in your ThreatLocker portal.
- The unique identifier used is based on the agent's location. The parent organization's unique identifier is commonly used when deploying into your organization or its child organizations. When deploying to your child organizations, you DO NOT use their unique identifier. Using your child organization's unique identifier when deploying agents will subsequently create an organization under them, essentially creating a grandchild organization. For more information on how to locate your ThreatLocker Identifier, please review the following article:
Getting your Unique Identifier from ThreatLocker | ThreatLocker Help Center
After this information has been filled out, select the 'Run Script' button at the bottom of this Window.
After a few minutes, your newly added devices should appear in the 'Devices' page of your ThreatLocker Portal.