How to create a desktop shortcut using Intune

There are various way to deploy an application using Microsoft Intune. Most of the applications generally create a desktop shortcut Icon for users to launch the application easily. However, some of the third party / custom / In-house applications do not create a desktop shortcut. In that case, you can deploy a shortcut of the app using Intune.

Another scenario could be when you have upgraded an application and desktop shortcut of that application stops working. It could be due to broken path or links in the desktop shortcut. In that case, you can deploy a desktop shortcut by fixing the target path of the shortcut and deploy that shortcut on users devices using Intune.

You could have any other scenario / requirement for deployment of desktop shortcut. In this blog post, we will see how you can easily deploy a desktop shortcut using Microsoft Intune on Windows 10 or Windows 11 devices.

Please note that you can deploy a shortcut either on AllUsersDesktop which is also referred to as Public desktop on Windows 10 or Windows 11 devices. By creating this shortcut on AllUsersDesktop / Public desktop, we will make sure that the shortcut is available / visible to all the users who work on that device.

We will be using a powershell script which we will upload to Microsoft Endpoint Manager Portal and Push it to the end user devices in System context. Let’s see step by step how to create a desktop shortcut using Microsoft Intune.

Powershell script to create desktop shortcut

Let’s take an example of a Zoom app which we have already deployed on users devices. We would be creating a desktop shortcut of this app on public desktop using Intune. Public desktop location is C:\users\public\desktop.

You can use below script and given steps to deploy a shortcut of any other application by updating $TargetFile and $ShortcutFile variables. Copy the script code and save it in a .ps1 file. For example: Zoom_shortcut.ps1.

  • $TargetFile = Provide the target location of the shortcut. Update this variable to point it to the application executable.
  • $ShortcutFile = This variable provides – Where you want to create ths shortcut and whats would be the name of desktop shortcut. We are going to create desktop shortcut on Public desktop using below code.
$TargetFile = "C:\Program Files\Zoom\bin\Zoom.exe"
$ShortcutFile = "$env:Public\Desktop\Zoom_New.lnk"
$WScriptShell = New-Object -ComObject WScript.Shell
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
$Shortcut.TargetPath = $TargetFile
$Shortcut.Save()

If we deploy a desktop shortcut on Public desktop, the shortcut will be visible to all the users who will sign in to that device. However, if you do not want to deploy a desktop shortcut on the Public desktop and Instead want to deploy it on the desktop of User’s profile. You can use below powershell script code and use that to deploy a desktop shortcut.

Desktop path of User’s profile is C:\users<username>\desktop. If your desktop has been redirected to Onedrive then User’s profile desktop location will be C:\Users\<username>\OneDrive – myorg\Desktop where the shortcut will be created.

$TargetFile = "C:\Program Files\Zoom\bin\Zoom.exe"
$DesktopPath = [Environment]::GetFolderPath("Desktop")
$ShortcutFile = "$DesktopPath\Zoom_New.lnk"
$WScriptShell = New-Object -ComObject WScript.Shell
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
$Shortcut.TargetPath = $TargetFile
$Shortcut.Save()

Deploy Powershell Script to create desktop shortcut using Intune

We can deploy the powershell script file created in previous step on End user devices using Microsoft Intune. Please follow below steps to deploy powershell script on end user devices.

Add a powershell script in Intune
Microsoft Endpoint Manager Admin Center –> Devices -> Scripts

Basics Tab

Provide a Name and Description of the Policy.

  • Name: Create Zoom Desktop shortcut Icon
  • Description: This script will create Zoom Desktop Shortcut Icon on Public Desktop.

Script Settings

On Script settings, you can browse to script location to upload into Intune.

  • Script Location: Browse to the location where your powershell script is stored. Select powershell script.
  • Run this script using the loggedon credentials: Keep it at its default setting No. As we will run this script in System context not user context.
  • Enforce script signature check: Keep it at its default setting No.
  • Run script in 64 bit Powershell Host: Select Yes. This will run powershell script in 64-bit mode.
Add Powershell Script on Microsoft Endpoint Manager Admin Center
Add Powershell Script on Microsoft Endpoint Manager Admin Center

Assignments

On the Assignments tab Under Included groups, you can either add an Azure AD security group containing devices or click on + Add all devices to run this script on all end user devices which are managed by Intune.

Review + Add

Review the Summary Information and click on Add to Upload this Powershell script into Intune and Deploy / Execute it on End user devices.

End User Experience

At the target device, when Intune Device check-in process completes. Powershell script will be downloaded on users device and executed from that location. Powershell scripts are downloaded at C:\Program Files (x86)\Microsoft Intune Management Extension\Policies\Scripts location.

After Powershell script execution completes on the device, you will see a Desktop shortcut created under C:\users\Public\Desktop location. Desktop shortcuts created under Public desktop are visible to any user who logs on to that device.

Desktop Shortcut Created using Intune at C:\users\public\desktop location Intune
Desktop Shortcut Created using Intune at C:\users\public\desktop location

We can also check the Intune Management Extension log to check when exactly the script was executed and also in case of any issues we can check this log file to find the problem. Intune Management Extention log file is located at C:\ProgramData\Microsoft\IntuneManagementExtension\Logs location. Log File Name is: IntuneManagementExtension.log.

IntuneManagementExtension.log file showing the deployed Powershell script code
IntuneManagementExtension.log file showing the deployed Powershell script code

Conclusion

In this blog post, we have seen how you can deploy a desktop shortcut on end user devices. There are two locations where you can create a desktop shortcut. First option is to create a desktop shortcut at C:\users\public\deskop location which is a recommended option as it makes the shortcut visible for all the users who work on that device.

Second option is to deploy a desktop shortcut on the Desktop of User’s profile which would be C:\users<username>\desktop or C:\Users\<username>\OneDrive – myorg\Desktop. Shortcuts deployed under user’s profile will be visible only to that user.

Leave a Comment