Table of Contents
Locating the Unique Identifier | Downloading and Configuring the ThreatLocker Component (New UI) | Downloading and Configuring the ThreatLocker Component (Legacy UI)
Note: For organizations deploying to a large number of endpoints, ThreatLocker recommends using a staggered deployment approach. Organizations that deploy to a large number of endpoints at once may experience increased bandwidth usage as Windows Core and application definitions are downloaded to each endpoint. QOS can be used to limit bandwidth to corecdn.threatlocker.com and apps.threatlocker.com
ThreatLocker is available as a component in Datto's ComStore, simplifying its deployment using Datto RMM. Before proceeding, you must retrieve your company's Unique Identifier from the ThreatLocker portal.
Locating the Unique Identifier
To locate your company’s unique identifier, you can select the 'Install Computer’ button located at the top right corner of every page within the ThreatLocker portal.
Alternatively, navigate to the ‘Devices’ page using the left-hand side of the portal and select the ‘Install Computer’ button in the page's top left corner.
Selecting this button will open a pop-up window titled ‘Download Installer’. Here, you can view your Unique Identifier for your organization.
Downloading and Configuring the ThreatLocker Component (New UI)
Once your Unique Identifier has been located, you can log into your Datto RMM account. Using the left-hand side of the Datto RMM portal, select the ‘Automation’ dropdown, then select ‘ComStore’.
Now, in the ‘ComStore’ page, use the search bar to search for ‘threatlocker’ and select ‘ThreatLocker Installer [WIN]’.
Select the ‘Add’ button to the right of the component to add it to your list of components. Once this has been downloaded, it will now be available in your ‘Components’ tab.
Now, navigate to the ‘Components’ tab using the left-hand side of the page.
Using the search bar, enter ‘ThreatLocker Installer [WIN]’.
Select your newly added ‘ThreatLocker Installer [WIN]’ component, then select the kebab menu option above it.
From within this menu, select ‘Copy’. Creating a copy of the ThreatLocker Installer component will allow you to have a base version not associated with a Unique Identifier from another one of your organizations.
In the ‘Name’ field, you can choose to change the name of the copy of your ThreatLocker Installer.
Now, navigate to the ‘Variables’ section of the page. By default, the variable named usrTLSerial will be listed.
Using the ‘Default Value’ field provided, enter the Unique Identifier for the organization that the machines you will be deploying ThreatLocker in will belong to.
This is the only change necessary for your component.
You can now select ‘Create Component’ at the bottom of the page to solidify your changes.
Your organizations in ThreatLocker will be created by Datto RMM to match your Site names in Datto under the ThreatLocker Organization from which you obtained the Unique Identifier.
If you have already provisioned your organizations in ThreatLocker, care must be taken to ensure that your 'Identifier' in ThreatLocker matches your Datto Site name exactly. Otherwise, new organizations will be created in ThreatLocker with the Identifier of the Site names in Datto. The 'Identifier' is located in the smaller font below your organization's name.
The Identifier can be changed by navigating to the ‘Organizations’ page, selecting the gear icon to the right of the organization's name, and then navigating to the ‘Identifier’ field within the ‘Edit Organization Settings’ page.
If you wish to override the usrTLSerial variable with a Site variable and specify a specific Site to map your devices to, navigate to the ‘Components’ section and select the component you want to edit the variable on. You can also copy the component to create a new one for a ThreatLocker Site.
Once selected, navigate to the ‘Variables’ section of your component. Where the variable named ‘userTLSerial’ is placed, select this and change the variable from ‘usrTLSerial’ to ‘usrTLSerialSite’.
Add the Unique Identifier of the target organization within the 'Default Value' field, then select ‘Create Component’ at the bottom of the page. When you run the deployment script in Datto, any machine located within that Site in Datto will be mapped according to the Unique Identifier you placed in your usrTLSerialSITE variable.
Downloading and Configuring the ThreatLocker Component (Legacy UI)
Once your Unique Identifier has been located, you can log into your Datto RMM account. Using the menu at the top of the screen, select ‘ComStore’ > ‘All Components’.
Now in ‘ComStore’, use the search bar at the top of the page to search for ‘threatlocker’ and select ‘ThreatLocker Installer [WIN]’.
Select the component, then choose ‘Add to my Component Library’ within the pop-up window.
Once selected, you can now view this component within your ‘Components’ page. Using the menu at the top of the page once more, select ‘Components’.
Enter ‘ThreatLocker Installer [WIN]’ in the search bar to locate your newly downloaded component.
To the right of the component, select the copy icon. This will create a copy of your component and allow you to maintain a base version of the component that is not associated with a Unique Identifier from any of your organizations.
Once you select to copy this component, a pop-up window asking you to confirm you want to copy this will appear. Select ‘OK’ to proceed.
Once your component has been copied, a page containing its settings will open. Here, you can change its name and description. It is recommended that you name the component so that you will remember which organization it is associated with.
Now, navigate to the ‘Variables’ section of the page. By default, the variable named usrTLSerial will be listed.
Select the pencil icon to the right of the variable to edit it.
Within the ‘Default’ field, enter the Unique Identifier for the organization to which the machines you will be deploying ThreatLocker will belong.
This is the only change necessary for your component. Once done, select the checkmark button to the right of the variable.
Once this has been added, you can select the ‘Save’ button at the bottom of the page.
Your organizations in ThreatLocker will be created by Datto RMM to match your Site names in Datto under the ThreatLocker Organization from which you obtained the Unique Identifier.
If you have already provisioned your organizations in ThreatLocker, care must be taken to ensure that your 'Identifier' in ThreatLocker matches your Datto Site name exactly. Otherwise, new organizations will be created in ThreatLocker with the Identifier of the Site names in Datto. The 'Identifier' is located in the smaller font below your organization's name.
The identifier can be changed by navigating to the ‘Organizations’ page, selecting the gear icon to the right of the organization name, and then navigating to the ‘Identifier’ field within the ‘Edit Organization Settings’ page.
If you wish to override the usrTLSerial variable with a Site variable and specify a specific Site to map your devices to, navigate to the ‘Components’ section and select the component you want to edit the variable on. You can also copy the component to create a new one for a ThreatLocker Site.
Once selected, navigate to the ‘Variables’ section of your component. Where the variable named ‘userTLSerial’ is placed, select this and change the variable from ‘usrTLSerial’ to ‘usrTLSerialSite’.
Add the Unique Identifier of the target organization within the 'Default' field, select the checkmark button to the right of the variable, then select ‘Save’ at the bottom of the page. Now, when you run the deployment script in Datto, any machine located within that Site in Datto will be mapped according to the Unique Identifier you placed in your usrTLSerialSITE variable.