There are various way to deploy an application using Microsoft Intune. Most of the applications generally create a desktop shortcut Icon for users to launch the application easily. However, some of the third party / custom / In-house applications do not create a desktop shortcut. In that case, you can deploy a shortcut of the app using Intune.
Another scenario could be when you have upgraded an application and desktop shortcut of that application stops working. It could be due to broken path or links in the desktop shortcut. In that case, you can deploy a desktop shortcut by fixing the target path of the shortcut and deploy that shortcut on users devices using Intune.
You could have any other scenario / requirement for deployment of desktop shortcut. In this blog post, we will see how you can easily deploy a desktop shortcut using Microsoft Intune on Windows 10 or Windows 11 devices.
Please note that you can deploy a shortcut either on AllUsersDesktop which is also referred to as Public desktop on Windows 10 or Windows 11 devices. By creating this shortcut on AllUsersDesktop / Public desktop, we will make sure that the shortcut is available / visible to all the users who work on that device.
We will be using a powershell script which we will upload to Microsoft Endpoint Manager Portal and Push it to the end user devices in System context. Let’s see step by step how to create a desktop shortcut using Microsoft Intune.
If you already have a desktop shortcut which you want to delete using Intune, you can check the post How To Delete A Desktop Shortcut Using Intune.
Powershell script to create desktop shortcut
Let’s take an example of a Zoom app which we have already deployed on users devices. We would be creating a desktop shortcut of this app on public desktop using Intune. Public desktop location is C:\users\public\desktop.
You can use below script and given steps to deploy a shortcut of any other application by updating $TargetFile and $ShortcutFile variables. Copy the script code and save it in a .ps1 file. For example: Zoom_shortcut.ps1.
- $TargetFile = Provide the target location of the shortcut. Update this variable to point it to the application executable.
- $ShortcutFile = This variable provides – Where you want to create ths shortcut and whats would be the name of desktop shortcut. We are going to create desktop shortcut on Public desktop using below code.
$TargetFile = "C:\Program Files\Zoom\bin\Zoom.exe" $ShortcutFile = "$env:Public\Desktop\Zoom_New.lnk" $WScriptShell = New-Object -ComObject WScript.Shell $Shortcut = $WScriptShell.CreateShortcut($ShortcutFile) $Shortcut.TargetPath = $TargetFile $Shortcut.Save()
If we deploy a desktop shortcut on Public desktop, the shortcut will be visible to all the users who will sign in to that device. However, if you do not want to deploy a desktop shortcut on the Public desktop and Instead want to deploy it on the desktop of User’s profile. You can use below powershell script code and use that to deploy a desktop shortcut.
Desktop path of User’s profile is C:\users<username>\desktop. If your desktop has been redirected to Onedrive then User’s profile desktop location will be C:\Users\<username>\OneDrive – myorg\Desktop where the shortcut will be created.
$TargetFile = "C:\Program Files\Zoom\bin\Zoom.exe" $DesktopPath = [Environment]::GetFolderPath("Desktop") $ShortcutFile = "$DesktopPath\Zoom_New.lnk" $WScriptShell = New-Object -ComObject WScript.Shell $Shortcut = $WScriptShell.CreateShortcut($ShortcutFile) $Shortcut.TargetPath = $TargetFile $Shortcut.Save()
Deploy Powershell Script to create desktop shortcut using Intune
We can deploy the powershell script file created in previous step on End user devices using Microsoft Intune. Please follow below steps to deploy powershell script on end user devices.
- Login on Microsoft Endpoint Manager Admin Center
- Go to Devices -> Scripts.
- Click on + Add and select Windows 10 and later.
Provide a Name and Description of the Policy.
- Name: Create Zoom Desktop shortcut Icon
- Description: This script will create Zoom Desktop Shortcut Icon on Public Desktop.
On Script settings, you can browse to script location to upload into Intune.
- Script Location: Browse to the location where your powershell script is stored. Select powershell script.
- Run this script using the loggedon credentials: Keep it at its default setting No. As we will run this script in System context not user context.
- Enforce script signature check: Keep it at its default setting No.
- Run script in 64 bit Powershell Host: Select Yes. This will run powershell script in 64-bit mode.
On the Assignments tab Under Included groups, you can either add an Azure AD security group containing devices or click on + Add all devices to run this script on all end user devices which are managed by Intune.
Review + Add
Review the Summary Information and click on Add to Upload this Powershell script into Intune and Deploy / Execute it on End user devices.
End User Experience
At the target device, when Intune Device check-in process completes. Powershell script will be downloaded on users device and executed from that location. Powershell scripts are downloaded at C:\Program Files (x86)\Microsoft Intune Management Extension\Policies\Scripts location.
After Powershell script execution completes on the device, you will see a Desktop shortcut created under C:\users\Public\Desktop location. Desktop shortcuts created under Public desktop are visible to any user who logs on to that device.
We can also check the Intune Management Extension log to check when exactly the script was executed and also in case of any issues we can check this log file to find the problem. Intune Management Extention log file is located at C:\ProgramData\Microsoft\IntuneManagementExtension\Logs location. Log File Name is: IntuneManagementExtension.log.
Powershell Script to Deploy multiple Desktop Shortcuts
If you want to create more than one desktop shortcut on user’s device. You can use below powershell script. Customize the script to target the apps as per your requirement. Below script will create a desktop shortcut for Microsoft Excel, Powerpoint, Word, Outlook, Zoom, Edge browser, Chrome and Onenote.
Please note that below script deploys the shortcuts to C:\users\public\desktop location. This desktop location is visible to any user who logs on to the device. If you want to deploy the shortcut to Users Onedrive desktop location then you will need to add a variable
$desktopPath and update
$shortcutfile variable to point to $desktopPath location.
$DesktopPath = [Environment]::GetFolderPath(“Desktop”)
$ShortcutFile = “$DesktopPath\Zoom_New.lnk”
$TargetFile0 = "C:\Program Files\Microsoft Office\root\Office16\excel.exe" $TargetFile1 = "C:\Program Files\Microsoft Office\root\Office16\winword.exe" $TargetFile2 = "C:\Program Files\Microsoft Office\root\Office16\powerpnt.exe" $TargetFile3 = "C:\Program Files\Microsoft Office\root\Office16\outlook.exe" $TargetFile4 = "C:\Program Files\zoom\bin\Zoom.exe" $TargetFile5 = "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" $TargetFile6 = "C:\Program Files\Google\Chrome\Application\chrome.exe" $TargetFile7 = "C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE" $ShortcutFile0 = "$env:Public\Desktop\Excel_1.lnk" $ShortcutFile1 = "$env:Public\Desktop\Word_1.lnk" $ShortcutFile2 = "$env:Public\Desktop\PowerPoint_1.lnk" $ShortcutFile3 = "$env:Public\Desktop\Outlook_1.lnk" $ShortcutFile4 = "$env:Public\Desktop\Zoom_1.lnk" $ShortcutFile5 = "$env:Public\Desktop\Edge_1.lnk" $ShortcutFile6 = "$env:Public\Desktop\Chrome_1.lnk" $ShortcutFile7 = "$env:Public\Desktop\OneNote_1.lnk" $WScriptShell0 = New-Object -ComObject WScript.Shell $WScriptShell1 = New-Object -ComObject WScript.Shell $WScriptShell2 = New-Object -ComObject WScript.Shell $WScriptShell3 = New-Object -ComObject WScript.Shell $WScriptShell4 = New-Object -ComObject WScript.Shell $WScriptShell5 = New-Object -ComObject WScript.Shell $WScriptShell6 = New-Object -ComObject WScript.Shell $WScriptShell7 = New-Object -ComObject WScript.Shell $Shortcut0 = $WScriptShell0.CreateShortcut($ShortcutFile0) $Shortcut1 = $WScriptShell1.CreateShortcut($ShortcutFile1) $Shortcut2 = $WScriptShell2.CreateShortcut($ShortcutFile2) $Shortcut3 = $WScriptShell3.CreateShortcut($ShortcutFile3) $Shortcut4 = $WScriptShell4.CreateShortcut($ShortcutFile4) $Shortcut5 = $WScriptShell5.CreateShortcut($ShortcutFile5) $Shortcut6 = $WScriptShell6.CreateShortcut($ShortcutFile6) $Shortcut7 = $WScriptShell7.CreateShortcut($ShortcutFile7) $Shortcut0.TargetPath = $TargetFile0 $Shortcut1.TargetPath = $TargetFile1 $Shortcut2.TargetPath = $TargetFile2 $Shortcut3.TargetPath = $TargetFile3 $Shortcut4.TargetPath = $TargetFile4 $Shortcut5.TargetPath = $TargetFile5 $Shortcut6.TargetPath = $TargetFile6 $Shortcut7.TargetPath = $TargetFile7 $Shortcut0.Save() $Shortcut1.Save() $Shortcut2.Save() $Shortcut3.Save() $Shortcut4.Save() $Shortcut5.Save() $Shortcut6.Save() $Shortcut7.Save()
In this blog post, we have seen how you can deploy a desktop shortcut on end user devices. There are two locations where you can create a desktop shortcut. First option is to create a desktop shortcut at C:\users\public\deskop location which is a recommended option as it makes the shortcut visible for all the users who work on that device.
Second option is to deploy a desktop shortcut on the Desktop of User’s profile which would be C:\users<username>\desktop or C:\Users\<username>\OneDrive – myorg\Desktop. Shortcuts deployed under user’s profile will be visible only to that user.
- How To Delete A Desktop Shortcut Using Intune.
- Block USB Drives With Exceptions Using Microsoft Intune.
- Configure Team Site Libraries To Sync Automatically Using Microsoft Intune / Endpoint Manager.
- How To Implement Applocker Using Intune.
- Uninstall Zoom Using Powershell Script And Intune Win32 App.
- Set Microsoft Edge As Default Browser Using Microsoft Intune.