Threatlocker Deployment - Windows
Summary
Triggers the Threatlocker Deployment' automation on Windows machines where deployment is enabled.
Details
Name: Threatlocker Depoyment - Windows
Description: Triggers the auto-deployment script for Threatlocker on Windows machines where deployment is enabled.
Recommended Agent Policies: It is advised to configure this compound policy within the following default agent policies:
Windows Server [Default]Windows Workstation [Default]
Dependencies
- Automation - Threatlocker Deployment
- cPVAL Threatlocker Deployment
- cPVAL Threatlocker Deployment - Exclude
- Solution - Threatlocker Deployment [NinjaOne]
Compound Condition Creation
Compound conditions can be configured within an Agent Policy. This document provides an example using the default Windows Workstation [Default] policy for demonstration purposes.
Navigate to Administration > Policies > Agent Policies.
Search for Windows Workstation and select the default Windows Workstation [Default] policy.
This will navigate you to the policy's landing page, which is the Conditions section. Note that conditions may vary across different policies and environments. The provided screenshot is for demonstration purposes only.
Navigate to the Compound Conditions section. Note that existing compound conditions may vary across different policies and environments. The provided screenshot is for demonstration purposes only.
Click the + Add button to add a compound condition.
Clicking the + Add button opens the compound condition creation window.
Conditions
Condition 1: Custom fields
-
Click the
+ Add conditionbutton.
-
Select the
Custom fieldsoption from the list that will appear after clicking the+ Add conditionbutton.
-
Add custom fields conditionscreen will appear on selecting theCustom fieldsoption:
-
Click the
+ Addbutton within the upper section labeledCustom field value must meet ALL conditions.
-
A new row will be added upon clicking the
+ Addbutton.
-
Search and select the
cPVAL Threatlocker Deployment - Excludecustom field. -
Condition:
cPVAL Threatlocker Deployment - Excludedoes not equalYes
-
Click the
+ Addbutton within the lower section labeledCustom field value must meet ANY conditions.
-
A new row will be added upon clicking the
+ Addbutton.
-
Search and select the
cPVAL Threatlocker Deploymentcustom field. -
Condition:
cPVAL Threatlocker DeploymentequalsWindows
-
Click the
+ Addbutton within the lower section labeledCustom field value must meet ANY conditions.
-
A new row will be added upon clicking the
+ Addbutton.
-
Search and select the
cPVAL Threatlocker Deploymentcustom field. -
Condition:
cPVAL Threatlocker DeploymentequalsWindows and Macintosh
-
Click the
Applybutton to save thecustom fieldcondition.
Automations
Navigate to Automations section.
Click the + Add automation button.
Automation Library will appear upon clicking the + Add Automation button.
Note that existing automation library may vary across different environments. The provided screenshot is for demonstration purposes only.
Search and select the Threatlocker Deployment script.
Click the Apply button to add the automation.
Completed Automation Section:
Settings
Navigate to Settings section.
Set the Settings section as follows:
Name: Threatlocker Depoyment - Windows
Auto Reset:
- After:
True,24 hour - When no longer met:
True
Run Every: 24 hour
Minimum uptime for Trigger: True, 10 minutes
Notifications
Leave the Notifications section untouched.
Completed Component
Click the Apply button at the bottom to save the compound condition.
Saving Agent Policy
Click the Save button located at the top-right corner of the screen to save the agent policy.
You will be prompted to enter your MFA code. Provide the code and press the Continue button to finalize the process.
