Threatlocker Deployment - MAC
Summary
Triggers the Threatlocker Deployment [MAC] automation on macintosh machines where deployment is enabled.
Details
Name: Threatlocker Deployment - MAC
Description: Triggers the auto-deployment script for Threatlocker on Macintosh machines where deployment is enabled.
Recommended Agent Policies: It is advised to configure this compound policy within the following default agent policies:
Mac Server [Default]Mac [Default]
Dependencies
- Threatlocker Deployment [MAC]
- cPVAL Threatlocker Deployment
- cPVAL Threatlocker Deployment - Exclude
- Solution - Threatlocker Deployment [NinjaOne]
Compound Condition Creation
Compound conditions can be configured within an Agent Policy. This document provides an example using the default Mac [Default] policy for demonstration purposes.
Navigate to Administration > Policies > Agent Policies.
Search for Mac and select the default Mac [Default] policy.
This will navigate you to the policy's landing page, which is the Conditions section.
Note that conditions may vary across different policies and environments. The provided screenshot is for demonstration purposes only.
Navigate to the Compound Conditions section.
Note that existing compound conditions may vary across different policies and environments. The provided screenshot is for demonstration purposes only.
Click the + Add button to add a compound condition.
Clicking the + Add button opens the compound condition creation window.
Conditions
Condition 1: Software
-
Click the
+ Add conditionbutton.
-
Select the
Softwareoption from the list that will appear after clicking the+ Add conditionbutton.
-
Add Software Conditionscreen will appear on selecting theSoftwareoption:
-
Configure the
Add Software Conditionas follow:Software Name:
Threatlocker
Trigger when:Any SoftwareDoesn't exist
-
Note: The Return key must be pressed after pasting the name to set the
Software Name. -
Click the
Applybutton to save thesoftwarecondition.
Condition 2: Custom fields
-
Click the
+ Add conditionbutton.
-
Select the
Custom fieldsoption from the list that will appear after clicking the+ Add conditionbutton.
-
Add custom fields conditionscreen will appear on selecting theCustom fieldsoption:
-
Click the
+ Addbutton within the upper section labeledCustom field value must meet ALL conditions.
-
A new row will be added upon clicking the
+ Addbutton.
-
Search and select the
cPVAL Threatlocker Deployment - Excludecustom field. -
Condition:
cPVAL Threatlocker Deployment - Excludedoes not equalYes
-
Click the
+ Addbutton within the upper section labeledCustom field value must meet ALL conditions.
-
A new row will be added upon clicking the
+ Addbutton.
-
Search and select the
cPVAL Threatlocker Deploymentcustom field. -
Condition:
cPVAL Threatlocker DeploymentequalsWindows and Macintosh
-
Click the
Applybutton to save thecustom fieldcondition.
Automations
Navigate to Automations section.
Click the + Add automation button.
Automation Library will appear upon clicking the + Add Automation button. Note that existing automation library may vary across different environments. The provided screenshot is for demonstration purposes only.
Search and select the Threatlocker Deployment [MAC] script.
Click the Apply button to add the automation.
Completed Automation Section:
Settings
Navigate to Settings section.
Set the Settings section as follows:
Name: Threatlocker Deployment - MAC
Auto Reset:
- After:
True1 hour - When no longer met:
True
Run Every: 30 Minutes
Trigger uptime: False
Notifications
Leave the Notifications section untouched.
Completed Component
Click the Apply button at the bottom to save the compound condition.
Saving Agent Policy
Click the Save button located at the top-right corner of the screen to save the agent policy.
You will be prompted to enter your MFA code. Provide the code and press the Continue button to finalize the process.
