Using Group Policies, you can create a shortcut to a specific app on the desktops of all (or certain) domain users. GPO allows you to create a shortcut for a locally installed app, a URL, an executable file on a shared network folder or a domain controller (the NETLOGON folder).
In this example we will show you how to create multiple shortcuts on a user’s desktop using Group Policy Preferences (available starting with Windows Server 2008 R2). In the same way you can create shortcuts in Windows 10 Start Menu or Quick Access Toolbar.
- Open the Group Policy Management Console (
gpmc.msc
), right-click an AD container (Organizational Unit) you want to apply a shortcut creation policy to and create a new policy (a GPO object) named CreateShortcut; - Right-click on the created policy and select Edit;
- Go to the Group Policy Preferences section: User Configuration –> Preferences -> Windows Settings -> Shortcuts. Click it and select New -> Shortcut;
- Create a new shortcut item with the following settings:
Action:Update
Name:TCPViewShortcut
(shortcut)
Target Type:File System Object
(you can select a URL or a Shell object here)
Location:Desktop
In this example, we will put a shortcut only on the desktop of the current user. Here you can choose where to place your shortcut: Start Menu, Startup, or All User Desktops.
Target Path:C:\Install\TCPView\Tcpview.exe
(a path to the file you want to create a shortcut for)
Icon file path:C:\Install\TCPView\Tcpview.exe
(a path to the shortcut icon) - If you have selected to place the shortcut on the Desktop of the current user (Location = Desktop), check the Run in logged-on user’s security context (user policy option) on the Common tab;
- If you want to create a shortcut for specific users only, add their accounts to a separate AD domain group. Then you can use Group Policy Targeting to deploy a shortcut to members of that security group. Enable the Item-level targeting and click the Targeting button. Select New Item -> Security Group and choose the domain group. As a result, the application shortcut will appear only for users added to the specified Active Directory security group;
- If you want to create an app shortcut in the Public profile (for all computer users), select Location = All User Desktop (disable the “Run in logged-on user’s security context” option since non-admin users do not have the permissions to modify the Public profile);
- Save the changes. Note that Desktop (
%DesktopDir%
) and All User Desktop (%CommonDesktopDir%
) environment variables are displayed in the GPO console; - Update the policies on your clients (
gpupdate /force
or by logoff/logon).If you have linked a GPO to an Organizational Unit containing computer objects (instead of users), you must also enable the GPO loopback option. Set Configure user Group Policy loopback processing mode =Merge
in Computer Configuration -> Policies -> Administrative Templates -> System -> Group Policy. - After the policies have been updated, a user will see a new shortcut on the desktop;
You can add multiple rules to creating app shortcuts for different groups of users, computers, or OUs in a single GPO (you can set different criteria for applying a shortcut policy using GPP Item Level Targeting).
Let’s add the Logoff
shortcut (with the shutdown.exe command) to the desktops of all users to let them quickly end their session.
Create a new policy item with the following settings:
- Name = “
Log Off
” - Location = “
All Users Desktop
” - Target Path =
C:\Windows\System32\logoff.exe
orC:\Windows\System32\shutdown.exe /l
- Icon File Path =
%SystemRoot%\System32\SHELL32.dll
(Use the standard library with the commonly used Windows icons. Select the icon you want in the DLL file. Its index will appear in the Icon Index field.)