Restrict users desktop on AVD-Hosts (local user-profiles)

Copper Contributor



I have a query regarding restricting user desktops to only allow read permissions. Our team attempted to achieve this goal by utilizing Group Policy Objects (GPOs) and adjusting the rights on the folder "%UserProfile%\Desktop". Regrettably, our efforts did not produce the desired outcome.

Hence, we would appreciate your guidance and insights on whether it is possible to realize this restriction using local user profiles. If so, we would be grateful for any recommended approaches or best practices to accomplish this effectively.


Thank you all for your time and expertise. Your assistance will be greatly valued.


1 Reply


Can further elaborate on the purpose of 'allow read permissions'?