Install Threatlocker agent update request

Avatar
Troy Casper

Hi,  Hopefully this is the correct place for this.   I ran into an issue with my Threatlocker where it was putting the agent into the default group instead of a custom one.   After talking with Threatlocker these are the recommendations to fix up the issue with the PS Script.

The script has a hard coded group name set here, $ThreatlockerGroupName = "Workstations"; .  It is recommended to change the script to add a variable ThreatlockerGroupName that can be set as a variable instead of hard coding "Workstations".

This way it is not necessary to clone the script for every account and change the hard coded Value.   I use AVD as a group.  Some may want to set it to the servers group or to another custom group.

 

From my Threatlocker portal the required group can be found here https://portal.threatlocker.com/computer-groups .  In my groups I do not even have a "Workstations" group.

 

0

Comments (3 comments)

Sort by
0
Avatar
Dave Stephenson

Welcome to the community, Troy Casper 🙂!

You're correct (and this is a great place to post it) that existing scripted action doesn't support dynamic groups.
However, it's fairly easy to modify the script (modified version is HERE on the NMM-SE GitHub) to utilize Inherited Variables so you can set the Group Name at the account level until we can get this change made in the product.

  1. Clone the Install Threatlocker Agent scripted action
    NOTE: Alternatively, you can download the modified scripted action from the NMM-SE GitHub and skip to step 3.
  2. Change $ThreatlockerGroupName = "Workstations"; to $ThreatlockerGroupName = $InheritedVars.ThreatlockerGroup; and Save/Clone the script
  3. Create an Inherited Variable at the MSP level (Settings>Integrations>Secure, Inherited and Environment variables for scripted actions>Add a variable)
  4. Assign the scripted action to the accounts
  5. *OPTIONAL*
    Overwrite the Inherited Variable at the account level
  6. Assign the scripted action as part of your Host Pool Deployment properties
  7. Verify your agents are being put in the correct group(s)

 

0
Avatar
Troy Casper

Can the ThreatlockerGroup variable be added to the customer level where the other variables are set instead, incase it's not the same group for all customers?

0
Avatar
Dave Stephenson
(Edited )

Of course!
The beauty of the Inherited Variables is you can set a default value at the MSP level and override it at the customer level.
This gives you the ability to have one script (or Intune Policy) that you're able to use with all of your customers and just swap out the variable value at the customer level.


Please sign in to leave a comment.