Help CenterYou can create a template organization under your parent organization to easily duplicate modules, policies, and options when creating a new child organization.
First, navigate to the ‘Organizations’ page using the left-hand menu. Select ‘+ New Organization’ at the top left side of the page.
A side panel will open titled ‘Create Organization’. Here, name your new Template Organization ‘Template’. Enter ‘Template’ into the ‘Identifier’ field as well, then select the correct Time Zone if necessary.
You can optionally add ‘Options’ to your Template organization. To add these, navigate to the ‘Options’ tab at the top of the page.
Select the dropdown to view the list of options available. You can scroll through the options or type them in the field to find specific ones.
Note: While adding options to a Template organization is convenient, these options should be used with extreme caution as adding them may impact ThreatLocker’s ability to monitor and secure your environment.
For further information about the Options Tab, please refer to the article below:
Once you have added all desired options, you can choose to add different settings to your organization such as ITAR Compliance, logout timers, tray settings, and more. You can also keep your organization with default settings, just remember to add the name and identifier as ‘Template’ prior to creation.
For further information regarding setting up an organization, please navigate to the following article:
Once you have applied your desired settings, select the ‘Create’ button at the bottom of the page.
Now that your Template organization has been created, you can choose which modules you would like to apply to it. Select the dropdown menu under the modules tab, then use the checkbox to the left of each module name to choose which ones you want to apply to the organizations. These are the modules that will be selected by default, or inherited, each time you create a new child organization.
For more information on Module options, please navigate to the following article:
Once all desired modules have been chosen, select the ‘Template’ organization to manage it.
Once in the ‘Template’ organization, expand the Modules drop-down menu on the left-hand side of the screen, then select ‘Application Control’.
Now within the ‘Application Control’ page, you will notice that there are no existing policies. New organizations will always contain a list of default policies and policies from the template organization unless it is called ‘Template’. This is because ThreatLocker will recognize the organization as a Template, which will therefore not need the default policies as the Template is not intended to be used as a functioning organization.
Now, you can add all policies that you wish to appear in any new organization you create. Policies created from Application Control, Storage Control, and Network Control will copy over into new child organizations that are created.
You will notice that groups created within this Template organization have the naming convention ‘Template-{computer group}’. This functions the same as the process explained in the following article:
Note: When creating a policy, be sure to NOT apply it to the entire organization or global group as this will not copy policies over to newly created organizations. Instead, use one of the groups that are named ‘template-{group name}’, which are made automatically upon creation of the ‘Template’ group. This applies to Application Control, Network Control, and Storage Control policies.
For this example, we will create a new Application Policy for ‘Notepad++’, an application that is not part of the ThreatLocker default policies.
Start by selecting the ‘+ New Policy’ button using the button on the top left corner of the ‘Application Control’ page.
A side panel will appear titled ‘Create Application Policy’. Name your policy, then make sure the policy does not apply to the ‘Entire Organization’. Choose which application(s) you would like to include in your policy, then select the ‘Create’ button at the bottom when all parameters have been selected.
For any questions regarding creating Application, Network Control, or Storage Control policies, please refer to the following articles:
Once all policies have been created, you can now return to your parent organization (the one you created the Template organization under) and make new child organizations using your template.
For this example, the new child organization created has been called ‘Test Organization’. Immediately upon its creation, you will see that it is labeled as ITAR Compliant, like our Template, and has 14 modules enabled.
Selecting the gear icon to open the ‘Edit Organization Settings’ side panel, we can see in the ‘Options’ tab that the ‘EnableSHA256’ option has also been enabled.
Navigating into the organization, go to Modules > Application Control. You will see that this newly created child organization has all the ThreatLocker default policies inside of it. If you search for ‘Notepad++’, the policy created for this example, it will now populate within all child organizations created.
