Forum Discussion
deleting a shortcut on desktop via intune
AB21805 Changed it to handle both situations:
Detection:
$desktop = [Environment]::GetFolderPath("Desktop") if (Test-Path -Path "$($desktop)\Wifi Connect.lnk") { write-Host Found shortcut exit 1 } Else { Write-Host Shortcut not found exit 0 }Remediation:
$desktop = [Environment]::GetFolderPath("Desktop") Remove-Item -Path "$($desktop)\Wifi Connect.lnk" -Force:$true
Could you share the detection and remediation script? Anything showing in the logs of a client? (And it is a Windows 10/11 Enterprise machine?)
Remediation:
<#
.SYNOPSIS
Detect and remove desktop shortcuts using Proactive Remediations in Microft Endpoint Manager.
.DESCRIPTION
Detect and remove desktop shortcuts using Proactive Remediations in Microft Endpoint Manager.
Shortcuts on All Users desktop (public desktop) or the current user's desktop can be detected and removed.
.NOTES
Filename: Remediation-DeleteShortcuts.ps1
Version: 1.0
Author: Martin Bengtsson
Blog: www.imab.dk
Twitter: @mwbengtsson
.LINK
#>
#region Functions
#Getting the current user's username by querying the explorer.exe process
function Get-CurrentUser() {
try {
$currentUser = (Get-Process -IncludeUserName -Name explorer | Select-Object -First 1 | Select-Object -ExpandProperty UserName).Split("\")[1]
}
catch {
Write-Output "Failed to get current user."
}
if (-NOT[string]::IsNullOrEmpty($currentUser)) {
Write-Output $currentUser
}
}
#Getting the current user's SID by using the user's username
function Get-UserSID([string]$fCurrentUser) {
try {
$user = New-Object System.Security.Principal.NTAccount($fcurrentUser)
$sid = $user.Translate([System.Security.Principal.SecurityIdentifier])
}
catch {
Write-Output "Failed to get current user SID."
}
if (-NOT[string]::IsNullOrEmpty($sid)) {
Write-Output $sid.Value
}
}
#Getting the current user's desktop path by querying registry with the user's SID
function Get-CurrentUserDesktop([string]$fUserRegistryPath) {
try {
if (Test-Path -Path $fUserRegistryPath) {
$currentUserDesktop = (Get-ItemProperty -Path $fUserRegistryPath -Name Desktop -ErrorAction Ignore).Desktop
}
}
catch {
Write-Output "Failed to get current user's desktop"
}
if (-NOT[string]::IsNullOrEmpty($currentUserDesktop)) {
Write-Output $currentUserDesktop
}
}
#endregion
#region Execution
try {
#Edit here with names of the shortcuts you want removed
$shortCutNames = @(
"*WiFi Connect*"
)
#Create empty array for shortcutsFound
$shortcutsFound = @()
#Retrieving current user and current user's SID
$currentUser = Get-CurrentUser
$currentUserSID = Get-UserSID $currentUser
# Getting the AllUsers desktop path
$allUsersDesktop = [Environment]::GetFolderPath("CommonDesktopDirectory")
$userRegistryPath = "Registry::HKEY_USERS\$($currentUserSID)\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"
$currentUserDesktop = Get-CurrentUserDesktop $userRegistryPath
if (Test-Path -Path $allUsersDesktop) {
foreach ($ShortcutName in $shortCutNames) {
$shortCutsFound += Get-ChildItem -Path $allUsersDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}
}
}
if (Test-Path -Path $currentUserDesktop) {
foreach ($ShortcutName in $shortCutNames) {
$shortCutsFound += Get-ChildItem -Path $currentUserDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}
}
}
if (-NOT[string]::IsNullOrEmpty($shortcutsFound)) {
Write-Output "Desktop shortcuts found. Returning True"
$shortcutsFoundStatus = $true
}
elseif ([string]::IsNullOrEmpty($shortcutsFound)) {
Write-Output "Desktop shortcuts NOT found. Returning False"
$shortcutsFoundStatus = $false
}
}
catch {
Write-Output "Something went wrong during running of the script. Variable values are: $currentUser,$currentUserSID,$allUsersDesktop,$currentUserDesktop"
}
finally {
if ($shortcutsFoundStatus -eq $true) {
Write-Output "shortcutsFoundStatus equals True. Removing shortcuts..."
foreach ($shortcut in $shortcutsFound) {
try {
Remove-Item -Path $shortcut.FullName
}
catch {
Write-Output "Failed to remove shortcut: $($shortcut.Name)"
}
}
}
elseif ($shortcutsFoundStatus -eq $false) {
Write-Output "shortcutsFoundStatus equals False. Doing nothing"
}
}
#endregion
Detection:
<#
.SYNOPSIS
Detect and remove desktop shortcuts using Proactive Remediations in Microft Endpoint Manager.
.DESCRIPTION
Detect and remove desktop shortcuts using Proactive Remediations in Microft Endpoint Manager.
Shortcuts on All Users desktop (public desktop) or the current user's desktop can be detected and removed.
.NOTES
Filename: Detection-DeleteShortcuts.ps1
Version: 1.0
Author: Martin Bengtsson
Blog: www.imab.dk
Twitter: @mwbengtsson
.LINK
#>
#region Functions
#Getting the current user's username by querying the explorer.exe process
function Get-CurrentUser() {
try {
$currentUser = (Get-Process -IncludeUserName -Name explorer | Select-Object -First 1 | Select-Object -ExpandProperty UserName).Split("\")[1]
}
catch {
Write-Output "Failed to get current user."
}
if (-NOT[string]::IsNullOrEmpty($currentUser)) {
Write-Output $currentUser
}
}
#Getting the current user's SID by using the user's username
function Get-UserSID([string]$fCurrentUser) {
try {
$user = New-Object System.Security.Principal.NTAccount($fcurrentUser)
$sid = $user.Translate([System.Security.Principal.SecurityIdentifier])
}
catch {
Write-Output "Failed to get current user SID."
}
if (-NOT[string]::IsNullOrEmpty($sid)) {
Write-Output $sid.Value
}
}
#Getting the current user's desktop path by querying registry with the user's SID
function Get-CurrentUserDesktop([string]$fUserRegistryPath) {
try {
if (Test-Path -Path $fUserRegistryPath) {
$currentUserDesktop = (Get-ItemProperty -Path $fUserRegistryPath -Name Desktop -ErrorAction Ignore).Desktop
}
}
catch {
Write-Output "Failed to get current user's desktop"
}
if (-NOT[string]::IsNullOrEmpty($currentUserDesktop)) {
Write-Output $currentUserDesktop
}
}
#endregion
#region Execution
try {
#Edit here with names of the shortcuts you want removed
$shortCutNames = @(
"*WiFi Connect*"
)
#Create empty array for shortcutsFound
$shortcutsFound = @()
#Retrieving current user and current user's SID
$currentUser = Get-CurrentUser
$currentUserSID = Get-UserSID $currentUser
# Getting the AllUsers desktop path
$allUsersDesktop = [Environment]::GetFolderPath("CommonDesktopDirectory")
$userRegistryPath = "Registry::HKEY_USERS\$($currentUserSID)\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"
$currentUserDesktop = Get-CurrentUserDesktop $userRegistryPath
if (Test-Path -Path $allUsersDesktop) {
foreach ($ShortcutName in $shortCutNames) {
$shortCutsFound += Get-ChildItem -Path $allUsersDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}
}
}
if (Test-Path -Path $currentUserDesktop) {
foreach ($ShortcutName in $shortCutNames) {
$shortCutsFound += Get-ChildItem -Path $currentUserDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}
}
}
if (-NOT[string]::IsNullOrEmpty($shortcutsFound)) {
Write-Output "Desktop shortcuts found. Returning True"
$shortcutsFoundStatus = $true
}
elseif ([string]::IsNullOrEmpty($shortcutsFound)) {
Write-Output "Desktop shortcuts NOT found. Returning False"
$shortcutsFoundStatus = $false
}
}
catch {
Write-Output "Something went wrong during running of the script. Variable values are: $currentUser,$currentUserSID,$allUsersDesktop,$currentUserDesktop"
}
finally {
if ($shortcutsFoundStatus -eq $true) {
Write-Output "shortcutsFoundStatus equals True. Exiting with 1"
exit 1
}
elseif ($shortcutsFoundStatus -eq $false) {
Write-Output "shortcutsFoundStatus equals False. Exiting with 0"
exit 0
}
}
#endregion
For logs I couldnt see much but is it the intunemanagementextension document I need to check?
- That or the AgentExecutor logfile
- Okay thanks I’ll take a look tomorrow when I have the device again!
Is there another way from just powershell scripts area / configuration policies that will do the same thing ? Just incase I can’t figure this out- Scripts in Devices should also work, if you know the filename and it only has to run once.. ("remove-item c:\users\public\desktop\shortcut.url")
