Long Arrow Right External Link angle-right Search Send Times Loader chevron-down thumb-up thumb-down Spinner angle-left
Go to ThreatLocker

Deploying ThreatLocker via GPO with a startup script

View in browser

1) Download the startup script.

2) Unzip the script and open it in the text editor of your choice.  

3) Add the deployment unique identifier of the parent (Getting your Unique Identifier from ThreatLocker) to the "Key" variable on line 21.

undefined undefined

4) Add the organization identifier of the child (on the organizations page) to the "Company" variable on line 21. 

Note: If you are deploying to the parent organization, or you do not have any child organizations, simply use the organization unique identifier of the parent (on the organizations page).
undefined undefined

5) Save the script.

6) Open Group Policy Management on your AD server.

undefined

7) Expand Forest>Domain>Group Policy Objects.

undefined

8) Right-click "Group Policy Objects" and select "New".

undefined

9) Name your Group Policy Object and select "OK".

undefined

10) Right-click the new Group Policy Object and select "Edit".

undefined

11) Expand Computer Configuration>Windows Settings.

undefined

12) Select "Scripts (Startup/Shutdown)" and double click "Startup".

undefined

13) Select "Browse".

undefined

14) Paste the startup script from steps 1-4 into the file explorer that opens.

undefined

15) Select the script and select "Open".

undefined

16) Select "OK".

undefined

17) Select "Apply" then select "OK".

undefined

18) Exit the Group Policy Management Editor.

undefined

19) Back in Group Policy Management, Right-click the OU or domain you would like to apply the Group Policy Object to and select "Link an Existing GPO...".

undefined

20) Select the Group Policy Object then select "OK".

undefined

21) Right-click the linked Group Policy and select "enforced".

undefined

At this point, all that is needed is for the endpoints to get updated group policies.

Note: If you want to force a group policy update on an endpoint to test, use the "gpupdate /force" command in CMD.

Did this answer your question?
Thanks so much for your feedback!
%s of people found this helpful.