Deploying ThreatLocker with NinjaRMM – PowerShell Script

2 min. readlast update: 08.01.2024
Note: For organizations deploying to a large amount of endpoints, ThreatLocker recommends using a staggered deployment approach. Organizations that deploy to a large number of endpoints at once may experience increased bandwidth usage as Windows Core and application definitions are downloaded to each endpoint. QOS can be used to limit bandwidth to corecdn.threatlocker.com and apps.threatlocker.com

 

The following steps demonstrate how to deploy ThreatLocker to your clients utilizing a PowerShell script via NinjaRMM. This method entails setting a scheduled task at the Policy Level within NinjaRMM.

Note: Powershell 4.0 or greater is required.

All organizations that do not exist within ThreatLocker will be created upon succesful execution of this script.

Adding the PowerShell Script

  • Login to NinjaRMM
  • Navigate to Administration

 

  • Expand 'Library' and then select 'Automation'.

 

  • Then select 'Add' and select 'New Script'.

 

  • Get the latest deployment script for NinjaRMM from the Deploy Agents section of the Deployment Center in the ThreatLocker Portal. 
  • Copy and paste the deployment script into the NinjaRMM Editor.
  • Replace the series of X's with the Unique Identifier of the organization. 

For a quick guide on how to locate the Unique Identifier of an organization, please refer to our article, Getting your Unique Identifier from ThreatLocker.

  • Select "PowerShell" as the Language.

Setting the Scheduled Task

The scheduled script will be part of a scheduled task that is tied to organizations. We have copied the default Windows Workstation scheduled task to include some custom items in this example.  

  • Navigate to Administration, and this time choose Tasks
  •  Select New Task to open the 'Create new schedule task' configuration window.

  •  Select Add Script.
  • Name your task, and set the schedule desired.

 

  • Select Targets
  • Add the Target Organizations

 

 

Once the scheduled script has been executed, you may check the status of the deployment by opening one of the computers that has the scheduled task chosen for deployment. The results of the PowerShell script will be under the Activities section of the Overview screen.

  

 

Was this article helpful?