Threatlocker Deployment [NinjaOne]
Purpose
This solution is designed to configure the automatic deployment of the Threatlocker Agent on Windows and Macintosh machines that are missing the agent, using the NinjaOne platform.
Associated Content
Custom Field
| Content | Type | Available Options | Function |
|---|---|---|---|
| cPVAL Threatlocker Deployment | Drop-down | Windows, Windows and Macintosh, Disabled | Enables Threatlocker auto-deployment for Windows or both Windows and Macintosh machines at the organization level. |
| cPVAL Threatlocker Deployment - Exclude | Drop-down | Yes, No | Allows exclusion of specific locations or devices from Threatlocker auto-deployment. |
| cPVAL Threatlocker Auth Key | Text | Stores the Threatlocker authorization key for Windows machines. | |
| cPVAL Threatlocker Organization Name | Text | Fill it with the organization name under which the Threatlocker agent is to be installed in Threatlocker Portal | |
| cPVAL ThreatLocker Mac GroupKey | Text | Stores one or more tags, separated by commas (optional). |
Automation
| Content | Function |
|---|---|
| Threatlocker Deployment | Installs Threatlocker agent on Windows operating systems. |
| Threatlocker Deployment [MAC] | Installs Threatlocker agent on Macintosh operating systems. |
Compound Conditions
| Content | Function |
|---|---|
| Threatlocker Depoyment - Windows | Triggers the Threatlocker Deployment automation on Windows machines where deployment is enabled and Threatlocker is not installed. |
| Threatlocker Deployment - MAC | Triggers the Threatlocker Deployment [MAC] automation on Macintosh machines where deployment is enabled and Threatlocker is not installed. |
Implementation
Step 1
Create the following custom fields:
- cPVAL Threatlocker Deployment
- cPVAL Threatlocker Deployment - Exclude
- cPVAL Threatlocker Auth Key
- cPVAL Threatlocker Organization Name
- cPVAL ThreatLocker Mac GroupKey
Step 2
Create the following automations:
Step 3
Create the Threatlocker Depoyment - Windows compound condition for both default agent policies: Windows Server [Default] and Windows Workstation [Default]. The example in the document illustrates the deployment process for the Windows Workstations [Default] agent policy. It is also recommended to apply this compound condition to the Windows Server [Default] agent policy, following the same process.
Step 4
Create the Threatlocker Deployment - MAC compound condition for both default agent policies: Mac Server [Default] and Mac [Default]. The example in the document illustrates the deployment process for the Mac [Default] agent policy. It is also recommended to apply this compound condition to the Mac Server [Default] agent policy, following the same process.
