TEAM: Huntress EDR
PRODUCT: Powershell, PDQ
SUMMARY: Deploying Huntress with Powershell script via GPO
The preferred deployment method is via a PowerShell script. This ensures the latest version of the agent is always downloaded and the account key is only exposed to administrators with access to Group Policy Management.
IMPORTANT: This document assumes that you already have PDQ setup and you are using a valid deployment user that has admin rights on the domain/machines in the environment
Deploying Huntress via PowerShell & PDQ Deploy
Deploying our PowerShell script via GPO is simple. First, download the script from our github. Once the script is downloaded you will edit the script and modify line 47 by inputting your Account Key within the quotes and modify line 50 by inputting your Org Key within the quotes.
Now launch PDQ Deploy and once loaded, click “New Package” at the top ribbon this will open a window for configuring your new package:
Give the new package a name here of Install Huntress. Click on Steps and click “Powershell”
Next, we will click “Insert PowerShell Script…” and select the script we modified earlier in our process.
Now click “Save” at the top left to save the deployment job.
Now that the deployment job is created, we just need to define which hosts will get the deployment and deploy! Right-click on the “Install Huntress” job on the left pane, from the menu that pops up, select “Deploy Once”. When in that configuration window either add machines manually by name, or click Choose Targets and select them from AD, or a predefined Target list. As long as you have a proper account set to deploy you can leave all other settings as default here. Once you have your list set, just click “Deploy Now” and you should start seeing agents in our dashboard within 5 minutes.