Deploying Huntress on Endpoints with Deep Freeze/VDI/Sysprep

This article applies to the use of the following: 

  • VMware Virtual Desktop Infrastructure (VDI)
  • Microsoft Windows Virtual Desktop (WVD)
  • Citrix VDI (formerly XenDesktop)
  • The use of standard install images (Sysprep/WIM, Microsoft Deployment Toolkit, etc.)
  • Faronics Deep Freeze

If any of the above are used within your environment, some deployment preparation may be required to ensure you do not end up with duplicate agents. The Huntress Agent registers with the Huntress cloud when the agent first comes online. If a host is reverted to a state prior to the install of the Huntress Agent, and the agent is then installed again, this will create a duplicate host.

To fix this, change the registry value AgentId, located in HKEY_LOCAL_MACHINE\SOFTWARE\Huntress Labs\Huntress, to 0 (hexadecimal).

You can also run the following single-line command from an administrative PowerShell prompt:

net stop huntressagent | REG ADD "HKLM\SOFTWARE\Huntress Labs\Huntress" /t REG_DWORD /v AgentID /d 0 /f

Here is a high-level overview of the process:
1) Install the agent
2) Stop the Huntress Agent, either from the services manager or with "sc stop HuntressAgent" from an administrative command prompt
3) Modify the registry to "reset" the agent
4) Clone the VM/Create the image
5) The agent will register when the VM is deployed
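
Steps 2 and 3 above as a PowerShell script that also checks the result before the image is captured. This is an added example, not Huntress's own tooling; the service name and registry location are the ones given in this article, and the 60-second stop timeout is an assumption.

```powershell
#Requires -RunAsAdministrator
# Added example: reset the Huntress agent ID on a golden image before capture.
# Service name and registry location are taken from this article.
$ErrorActionPreference = 'Stop'

$ServiceName = 'HuntressAgent'
$RegPath     = 'HKLM:\SOFTWARE\Huntress Labs\Huntress'
$ValueName   = 'AgentId'
$StopTimeout = [TimeSpan]::FromSeconds(60)   # assumption: adjust for slow hosts

# Step 1 must already be done: the agent is installed on this image.
$svc = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
if (-not $svc) { throw "Service '$ServiceName' not found. Install the agent first." }
if (-not (Test-Path -Path $RegPath)) { throw "Registry key '$RegPath' not found." }

# Step 2: stop the agent and wait until it has actually stopped
# before touching the registry.
if ($svc.Status -ne 'Stopped') {
    Stop-Service -Name $ServiceName -Force
    $svc.WaitForStatus('Stopped', $StopTimeout)   # throws if the timeout expires
}

# Step 3: reset the agent ID to 0 (REG_DWORD) and read it back.
$before = (Get-ItemProperty -Path $RegPath -Name $ValueName -ErrorAction SilentlyContinue).$ValueName
Set-ItemProperty -Path $RegPath -Name $ValueName -Value 0 -Type DWord
$after = Get-ItemPropertyValue -Path $RegPath -Name $ValueName
if ($after -ne 0) { throw "$ValueName is $after after the reset; expected 0." }

# Final check: the service must still be stopped when the image is captured.
$svc.Refresh()
if ($svc.Status -ne 'Stopped') {
    throw "Service '$ServiceName' is $($svc.Status); stop it and run the reset again."
}

Write-Output "$ValueName reset ($before -> $after). Service is stopped. Ready for step 4."
```

Run it as the last action before shutting the machine down for cloning or image capture.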

Specifically, with respect to virtual environments, we use the UUID and hostname to help uniquely identify a host. If these remain the same when a VM is recomposed, we will re-use the existing agent ID when the agent re-registers (preventing duplicate hosts). If the UUID and/or hostname changes each time, you will see duplicates in your Huntress Dashboard as each host re-registers.

Testing

We recommend testing a few clones before mass deploying. Reboot and revert the clones several times to verify that no new duplicate agents are created.

If you see duplicate agents, we ask that you contact support at support@huntress.io so we can help to identify the cause and resolve the issue.