Using Group Policies, you can create a shortcut to a specific app on the desktops of all (or certain) domain users. GPO allows you to create a shortcut for a locally installed app, a URL, an executable file on a shared network folder or a domain controller (the NETLOGON folder).
In this post we will show you how to create multiple shortcuts on a user’s desktop using Group Policy Preferences (available starting with Windows Server 2008 R2). In the same way you can create shortcuts in Windows 10 Start Menu or Quick Access Toolbar.
- Open the Group Policy Management Console (
gpmc.msc), right-click an AD container (Organizational Unit) you want to apply a shortcut creation policy to and create a new policy (a GPO object) named CreateShortcut;
- Right-click on the created policy and select Edit;
- Go to the Group Policy Preferences section: User Configuration –> Preferences -> Windows Settings -> Shortcuts. Click it and select New -> Shortcut;
- Create a new shortcut item with the following settings:
File System Object(you can select a URL or a Shell object here)
In this example, we will put a shortcut only on the desktop of the current user. Here you can choose where to place your shortcut: Start Menu, Startup or All User Desktops.
C:\Install\TCPView\Tcpview.exe(a path to the file you want to create a shortcut for)
Icon file path:
C:\Install\TCPView\Tcpview.exe(a path to the shortcut icon)
- If you have selected to place the shortcut on the Desktop of the current user (Location = Desktop), check the Run in logged-on user’s security context (user policy option) on the Common tab;
- If you want to create a shortcut for specific users only, add their accounts to a separate AD domain group. Then you can use Group Policy Targeting to deploy a shortcut to members of that security group. Enable the Item-level targeting and click the Targeting button. Select New Item -> Security Group and choose the domain group. As a result, the application shortcut will appear only for users added to the specified Active Directory security group;
- If you want to create an app shortcut in the Public profile (for all computer users), select Location = All User Desktop (disable the “Run in logged-on user’s security context” option since non-admin users do not have the permissions to modify the Public profile);
- Save the changes. Note that Desktop (
%DesktopDir%) and All User Desktop (
%CommonDesktopDir%) environment variables are displayed in the GPO console;
- Update the policies on your clients (
gpupdate /forceor by logoff/logon). If you have linked a GPO to an Organizational Unit containing computer objects (instead of users), you must also enable the GPO loopback option. Set Configure user Group Policy loopback processing mode =
Mergein Computer Configuration -> Policies -> Administrative Templates -> System -> Group Policy.
- After the policies have been updated, a user will see a new shortcut on the desktop;
You can add multiple rules to creating app shortcuts for different groups of users, computers or OUs in a single GPO (you can set different criteria of applying a shortcut policy using GPP Item Level Targeting).
Let’s add the
Logoff shortcut (with the shutdown.exe command) to the desktops of all users to let them quickly end their session.
Create a new policy item with the following settings:
- Name = “
- Location = “
All Users Desktop”
- Target Path =
- Icon File Path =
(Use the standard library with the commonly used Windows icons. Select the icon you want in the DLL file. Its index will appear in the Icon Index field.)
Using Group Policies, you can also configure the same Start Menu and Taskbar layout for all users in the way you want.