You may view this article in your web browser, here. The following steps will guide you in deploying ThreatLocker to your clients via N-able RMM.  Creating the Deployment Script Download the latest deployment script here. This contains a .amp file within a zip folder. Login into your N-able RMM dashboard. Select Settings > Script Manager. Select New. Input a Name and Description. Check the "

View in browser This article is based on documentation from Microsoft and has not been verified by the ThreatLocker team.  Source: https://docs.microsoft.com/en-us/mem/intune/apps/intune-management-extension  Log into the ThreatLocker portal. Make sure you are managing the correct organization, or switch organizations using the Organizations page.  Click on the Computers page. Select Install New Computer.  Download the PowerShell Script for the group you are installing. Add into Microsoft InTune.

You may view this article in your web browser, here. The following steps demonstrate how to deploy ThreatLocker to your clients utilizing a PowerShell script via NinjaRMM. This method entails setting a scheduled task at the Policy Level within NinjaRMM. Note: Powershell 4.0 or greater is required. All organizations that do not exist within ThreatLocker will be created upon succesful execution of this script. Adding the PowerShell Script Login to NinjaRMM Navigate to Administration

You may view this article in your web browser, here.  As an alternative, ThreatLocker is now available as a Component in the Datto ComStore. Find the article here.  The following steps demonstrate how to deploy ThreatLocker to your clients utilizing DattoRMM. Log into your DattoRMM. Navigate to Components > New Components. Select the 'Applications' Category. Name the new component. Edit the description. Select 'Save'. Select the star on the top left-hand side to toggle favorites (This will allow you to make it a quick job).

Log into the Continuum Portal. Navigate to 'Devices' > 'Computers' on the sidebar menu. Select the desired organization you are looking to deploy to. Select Run. Select Command Prompt (CMD) Script from the drop-down menu. Select the desired device(s) > Continue to Setup. Paste in the Deployment Script in the Command Prompt Script. Get the latest Deployment Script for Continuum here.

The following steps demonstrate how to deploy ThreatLocker to your clients utilizing a PowerShell script via Atera. Important Notes: PowerShell 4.0 is required for this method to work. It is best to run the script found below against clients one at a time. Creating the Script In Atera: Navigate to the Admin Panel Select Scripts under Monitoring On the next screen, select Create Script. Create a 'Script Name' and input a 'Script description'  Leave 'File type' as ps1 (shell script written in powershell)  It is optional to modify the remaining 'script properties'.

View in Browser Creating the Deployment Script Log into your N-Central dashboard. Be sure you are managing the root of the N-Central System  (Structure may vary slightly, depending on the version of N-Central ) Select Configuration > Scheduled Tasks > Script/Software Repository. Select Add > Automation Policy.  Download the latest deployment script here. Browse to the .amp file you have downloaded. Select Save.

View in Browser. The following steps demonstrate how to deploy ThreatLocker to your clients utilizing ConnectWise Automate. The script given below will attempt to match your clients in Automate to your Organizations in ThreatLocker. Should there happen to be no match found, the script will create a new Organization for you in the ThreatLocker Portal. Note: We advise running this against a single PC first as the naming convention in Automate can lead to unexpected results.

View in Browser ThreatLocker is now available as a Component in the datto ComStore, further simplifying the deployment of ThreatLocker using datto RMM. You will need to retrieve your company's Unique Identifier from the ThreatLocker portal before proceeding. In the ThreatLocker portal, navigate to the 'Computers' page of your organization. Select the 'Install New Computer' button at the top. This will open a window containing your Unique Identifier as highlighted in the screenshot below.

Note: This can either be done on first deployment, or by using an existing deployment script for ThreatLocker on a scheduled basis. If already in possession of an existing deployment script, the section 'ThreatLocker Automate Deployment Script' can be skipped. Creating the Opt-in EDF: Open ConnectWise Automate. Navigate to System-> Configuration->Dashboard->Config->Configurations->Additionals Fields. We will create a New EDF that Opts in an Organization at the Client Level.

View in browser 1) Download the startup script. 2) Unzip the script and open it in the text editor of your choice.   3) Add the deployment unique identifier of the parent (Getting your Unique Identifier from ThreatLocker) to the "Key" variable on line 21. 4) Add the organization identifier of the child (on the organizations page) to the "Company" variable on line 21.  Note: If you are deploying to the parent organization, or you do not have any child organizations, simply use the organization unique identifier of the parent (on the organizations page).

View in Browser You can change how you want ThreatLocker to create Policies while your endpoints are in their initial Learning Mode.   Create Group Policies By default, computer groups will be set to 'Create group Policies', meaning the Applications that are found are learned across an entire computer group. For example, if ThreatLocker finds Notepad++ on one of your computers, it will automatically create a Policy to allow it on all computers in that group.

View in browser Deploying ThreatLocker using SyncroRMM uses a PowerShell Script. The script found below deploys the ThreatLocker agent and automatically creates organizations in the ThreatLocker portal if they do not already exist.  Adding a PowerShell Script Log into your SycroMSP Account Select Scripts from the Top Menu Select the New Script Button Enter a Name for the Script (E.g. ThreatLocker Deployment Workstations) Mark the Script as a Favorite Check "

View in Browser The ThreatLocker agent can be deployed using ConnectWise Control provided your license supports the ability to run commands. You will need to download the PowerShell script located here. This is the script for Ninja, and will need to be modified by adding the following 3 lines at the top for ConnectWise use: #!ps #maxlength=50000   #timeout=90000   Then you need to modify the script in the following 2 areas:

ThreatLocker identifies computers based on two registry keys, The ComputerId and ComputerAuthKey, that are created when the endpoints check into the portal. For those who utilize VDIs within their organizations, below you will find three VDI Configuration Scenarios and procedures to follow based on your scenario. If you happen to fall under a different scenario, reach out to a Cyber Hero for additional assistance. Scenario One: Using a Single Golden Image and VDI for Static PCs Before you can import the file into the Registry Editor of the VDI, you will need to disable tamper protection and stop the ThreatLocker Service on the VDI.

View in browser Download the latest version of our deployment scripts here Note: Export the XML file from the downloaded ZIP Overview This article will cover the steps to import the ThreatLocker Deployment script into your Kaseya VSA instance. The script will attempt to match your clients in Kaseya to your Organizations in ThreatLocker, and will create a new Organization if it doesn't match. It will also place the devices into either the Workstations or Servers group in ThreatLocker dependant on the operating system.

  The ThreatLocker agent can be deployed using the ConnectWise RMM provided your license supports the ability to run commands. You will need to download the PowerShell script located here. After downloading the script, we must modify 2 specific areas of the script: Under ## Variables, you will need to replace Insert Organization Name with the name of the organization you wish to deploy to enclosed in apostrophes as shown in the second screenshot below.

This article is based on documentation from Nerdio and has not been verified by the ThreatLocker team. Source: https://help.nerdio.net/hc/en-us/articles/360060124552-Overview-of-Scripted-Actions Nerdio Manager for MSP (NMM) allows you to configure and run a scripted action to install Threatlocker agent on AVD host pools. Log into the NMM Login to the customer account Select Scripted Actions from the main menu The scripted action to install the ThreatLocker agent is available in the NMM repository.

Obtain the MSI file Log into the ThreatLocker portal Click on Deployment Center Select the organization you are deploying into Download the MSI Installer for the group you are installing Additionally, the MSI file can be obtained on the Computers page by clicking on ‘Install New Computer’ and accepting the EULA. For additional information please see the ‘Deploying the ThreatLocker Agent’ course in ThreatLocker University. Create the Application in SCCM Launch the SCCM console.

Below, you will find the steps for MAC deployment through Addigy MDM. Step 1: Create a new smart software to deploy ThreatLocker. Locate your GroupKey and replace it in the code below. Script:  #!/bin/bash GroupKey="xxxxxxxxxxxxxxxxxxxxxxxx" #install if [ ! -d /Applications/Threatlocker.app ] then curl --output-dir "/Library" -O https://updates.threatlocker.com/repository/mac/1.1/Threatlocker.app.zip open /Library/Threatlocker.app.zip sleep .3 osascript -e 'quit app "Finder"' sleep 5 mv /Users/*/Downloads/Threatlocker.app /Applications