You can easily create desktop shortcuts using Intune on Windows 10/11 devices at Public desktop location or User’s profile desktop location. A standard users may not have the permissions to delete desktop shortcuts from C:\Users\Public\Desktop location, but have the permission to delete desktop shortcuts from user’s profile folder.
In this blog post, we will demonstrate how to delete desktop shortcuts of applications, including web lists shortcuts, using Intune and PowerShell scripts from below two locations.
- Public desktop location (C:\users\public\desktop).
- Users profile desktop location (C:\users\<username>\desktop) or C:\Users\<username>\OneDrive – <org>\Desktop, if Windows known folders are redirected to OneDrive.
Contents
Prepare the PowerShell Scripts
I have created three PowerShell scripts for deleting desktop shortcuts via Intune. You can click on below link to download script files from my GitHub repo and use it to delete desktop shortcuts.
- Delete_Desktop_Shortcuts_UsersProfile.ps1: Use this script if you want to delete desktop shortcuts only from user’s profile location, which may or may not be redirected to OneDrive.
- Delete_Desktop_Shortcuts_Public.ps1: Use this script if you want to delete desktop shortcuts only from Public desktop location.
- Delete_Desktop_Shortcuts_Both.ps1: Use this script if you want to delete desktop shortcuts only from Public desktop location and also from User’s profile desktop location.
Important Points About the Script
- Script can delete a single or multiple desktop shortcuts, depending upon the input in the
$ShortcutFilesvariable.
- If you delete desktop shortcuts from C:\users\public\desktop location, it will be removed from the desktop of all users who use the device.
- If you have re-directed Windows known folders (KFM) to OneDrive and you use Delete_Desktop_Shortcuts_UsersProfile.ps1 script to delete desktop shortcuts. Shortcuts will be deleted from C:\Users\<username>\OneDrive – <org>\Desktop.
- You only need to update
$ShortcutFilesto provide the list of shortcuts you want to delete. You can also include web link shortcuts or any other files you want to remove from desktop. For example: $env:Public\Desktop\dailylog.txt or $env:Public\Desktop\webapp.html.
$ShortcutFiles = @(
"$env:Public\Desktop\chrome.lnk",
"$env:Public\Desktop\bitwarden.lnk",
"$env:Public\Desktop\filezilla.lnk"
)Deploy PowerShell Script to Delete Desktop Shortcuts
- Sign in to the Intune admin center > Devices > Scripts and remediations > Platform Scripts.
- Click on + Add and then Select Windows 10 and later.
- Basics: Provide a Name and Description of the deployment.
- Script settings: Browse and select the script file. For deleting desktop shortcuts from Public desktop location, select Delete_Desktop_Shortcuts_Public.ps1 script file and configure script settings as shown in below screenshot:
- If you want to delete desktop shortcuts from user’s profile desktop location (C:\users\<username>\desktop or C:\Users\<username>\OneDrive – <org>\Desktop) then you can browse to Delete_Desktop_Shortcuts_UsersProfile.ps1 script file and configure script settings as shown in below screenshot:
- Assignments – Click on Add Groups and add an Entra security group containing Windows devices.
- Review + add – Review the information and click Add to start the deployment process.
Monitor PowerShell Script Deployment
To verify the status of PowerShell script execution from the Intune admin center, follow the below steps:
- Sign in to the Intune admin center > Devices > Scripts and remediations > Platform Scripts. Click on the Script deployment and go to the Overview page to find the status.
For other ways to check and confirm the status of a PowerShell script, you can refer to the section #Verify PowerShell Script Execution Status of the blog post, How to deploy a PowerShell script using Intune.
Sync Intune Policies
The device check-in process might not begin immediately. If you’re testing this policy on a test device, you can manually kickstart the Intune sync either from the device itself or remotely through the Intune admin center.
Alternatively, you can use PowerShell to force the Intune sync on Windows devices. Another way to trigger the Intune device check-in process is by restarting the device.
End User Experience
After you create PowerShell script deployment on Intune, desktop shortcuts will be deleted from either Public desktop location or User’s profile desktop location, depending upon the PowerShell script used.
Conclusion
In this blog post, we’ve discussed the process of deleting desktop shortcuts from C:\Users\Public\Desktop location, and from C:\Users\<username>\Desktop or C:\Users\<username>\OneDrive – myorg\Desktop location.
The steps provided in this blog post are not limited to just deleting desktop shortcuts. You can customize the script to target any file location and type. For example, if you want to remove a file, such as C:\Temp\testfile.txt or D:\Human Resources\dailylog.xlsx, you can easily customize the PowerShell script to target these files.
