SOLVED

deleting a shortcut on desktop via intune

Super Contributor

Hi all,

 

How do I delete a shortcut via intune? 

 

I have created a shortcut using powershell but I had to update the URL which seems to have broke the shortcut so need to delete it and redeploy a new shortcut. 

 

Please help!

 

 

 

30 Replies
You can run a Remediation script on your devices with a detection and remove script (If you have Windows Enterprise) or run a script (https://endpoint.microsoft.com/#blade/Microsoft_Intune_DeviceSettings/DevicesMenu/powershell) which is just a "remove-item c:\users\public\desktop\shortcut.url" The last will run only once if succesful and is perhaps the fasted method now I guess?
Just trying this now! thank you. I will let you know how I get on

Hi @Harm_Veenstra 

 

I have had it running for a while now. I have passed the Detection with no issues but the remediation hasnt run yet and its been like 4 hours: 

 

Screenshot 2022-03-14 at 3.03.58 PM.png

 

I used https://www.imab.dk/remove-desktop-shortcuts-for-the-current-user-and-public-profile-using-powershel... for help 

 

Any ideas? 

Could you share the detection and remediation script? Anything showing in the logs of a client? (And it is a Windows 10/11 Enterprise machine?)

Hi @Harm_Veenstra 

 

Remediation:

 <#

.SYNOPSIS

    Detect and remove desktop shortcuts using Proactive Remediations in Microft Endpoint Manager. 

   

.DESCRIPTION

    Detect and remove desktop shortcuts using Proactive Remediations in Microft Endpoint Manager.

    Shortcuts on All Users desktop (public desktop) or the current user's desktop can be detected and removed.

 

.NOTES

    Filename: Remediation-DeleteShortcuts.ps1

    Version: 1.0

    Author: Martin Bengtsson

    Blog: www.imab.dk

    Twitter: @mwbengtsson

 

.LINK

    https://imab.dk/remove-desktop-shortcuts-for-the-current-user-and-public-profile-using-powershell-an...   

#>

 

#region Functions

#Getting the current user's username by querying the explorer.exe process

function Get-CurrentUser() {

    try { 

        $currentUser = (Get-Process -IncludeUserName -Name explorer | Select-Object -First 1 | Select-Object -ExpandProperty UserName).Split("\")[1] 

    } 

    catch { 

        Write-Output "Failed to get current user." 

    }

    if (-NOT[string]::IsNullOrEmpty($currentUser)) {

        Write-Output $currentUser

    }

}

#Getting the current user's SID by using the user's username

function Get-UserSID([string]$fCurrentUser) {

    try {

        $user = New-Object System.Security.Principal.NTAccount($fcurrentUser) 

        $sid = $user.Translate([System.Security.Principal.SecurityIdentifier]) 

    }

    catch { 

        Write-Output "Failed to get current user SID."   

    }

    if (-NOT[string]::IsNullOrEmpty($sid)) {

        Write-Output $sid.Value

    }

}

#Getting the current user's desktop path by querying registry with the user's SID

function Get-CurrentUserDesktop([string]$fUserRegistryPath) {

    try {

        if (Test-Path -Path $fUserRegistryPath) {

            $currentUserDesktop = (Get-ItemProperty -Path $fUserRegistryPath -Name Desktop -ErrorAction Ignore).Desktop

        }

    }

    catch {

        Write-Output "Failed to get current user's desktop"

    }

    if (-NOT[string]::IsNullOrEmpty($currentUserDesktop)) {

        Write-Output $currentUserDesktop

    }   

}

#endregion

#region Execution

try {

    #Edit here with names of the shortcuts you want removed

    $shortCutNames = @(

        "*WiFi Connect*"

    )

    #Create empty array for shortcutsFound

    $shortcutsFound = @()

    #Retrieving current user and current user's SID

    $currentUser = Get-CurrentUser

    $currentUserSID = Get-UserSID $currentUser

    # Getting the AllUsers desktop path

    $allUsersDesktop = [Environment]::GetFolderPath("CommonDesktopDirectory")

    $userRegistryPath = "Registry::HKEY_USERS\$($currentUserSID)\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"

    $currentUserDesktop = Get-CurrentUserDesktop $userRegistryPath

 

    if (Test-Path -Path $allUsersDesktop) {

        foreach ($ShortcutName in $shortCutNames) {

           $shortCutsFound += Get-ChildItem -Path $allUsersDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}

        }

    }

    if (Test-Path -Path $currentUserDesktop) {

        foreach ($ShortcutName in $shortCutNames) {

           $shortCutsFound += Get-ChildItem -Path $currentUserDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}

        }

    }

    if (-NOT[string]::IsNullOrEmpty($shortcutsFound)) {

        Write-Output "Desktop shortcuts found. Returning True"

        $shortcutsFoundStatus = $true

 

    }

    elseif ([string]::IsNullOrEmpty($shortcutsFound)) {

        Write-Output "Desktop shortcuts NOT found. Returning False"

        $shortcutsFoundStatus = $false

    }

}

catch { 

    Write-Output "Something went wrong during running of the script. Variable values are: $currentUser,$currentUserSID,$allUsersDesktop,$currentUserDesktop"

}

 

finally { 

    if ($shortcutsFoundStatus -eq $true) {

        Write-Output "shortcutsFoundStatus equals True. Removing shortcuts..."

        foreach ($shortcut in $shortcutsFound) {

            try {

                Remove-Item -Path $shortcut.FullName

            }

            catch {

                Write-Output "Failed to remove shortcut: $($shortcut.Name)"

            }

        }

    }

    elseif ($shortcutsFoundStatus -eq $false) {

        Write-Output "shortcutsFoundStatus equals False. Doing nothing"

    }

}

#endregion 

 

Detection: 

 

 <#

.SYNOPSIS

    Detect and remove desktop shortcuts using Proactive Remediations in Microft Endpoint Manager. 

   

.DESCRIPTION

    Detect and remove desktop shortcuts using Proactive Remediations in Microft Endpoint Manager.

    Shortcuts on All Users desktop (public desktop) or the current user's desktop can be detected and removed.

 

.NOTES

    Filename: Detection-DeleteShortcuts.ps1

    Version: 1.0

    Author: Martin Bengtsson

    Blog: www.imab.dk

    Twitter: @mwbengtsson

 

.LINK

    https://imab.dk/remove-desktop-shortcuts-for-the-current-user-and-public-profile-using-powershell-an...

#>

 

#region Functions

#Getting the current user's username by querying the explorer.exe process

function Get-CurrentUser() {

    try { 

        $currentUser = (Get-Process -IncludeUserName -Name explorer | Select-Object -First 1 | Select-Object -ExpandProperty UserName).Split("\")[1] 

    } 

    catch { 

        Write-Output "Failed to get current user." 

    }

    if (-NOT[string]::IsNullOrEmpty($currentUser)) {

        Write-Output $currentUser

    }

}

#Getting the current user's SID by using the user's username

function Get-UserSID([string]$fCurrentUser) {

    try {

        $user = New-Object System.Security.Principal.NTAccount($fcurrentUser) 

        $sid = $user.Translate([System.Security.Principal.SecurityIdentifier]) 

    }

    catch { 

        Write-Output "Failed to get current user SID."   

    }

    if (-NOT[string]::IsNullOrEmpty($sid)) {

        Write-Output $sid.Value

    }

}

#Getting the current user's desktop path by querying registry with the user's SID

function Get-CurrentUserDesktop([string]$fUserRegistryPath) {

    try {

        if (Test-Path -Path $fUserRegistryPath) {

            $currentUserDesktop = (Get-ItemProperty -Path $fUserRegistryPath -Name Desktop -ErrorAction Ignore).Desktop

        }

    }

    catch {

        Write-Output "Failed to get current user's desktop"

    }

    if (-NOT[string]::IsNullOrEmpty($currentUserDesktop)) {

        Write-Output $currentUserDesktop

    }   

}

#endregion

#region Execution

try {

    #Edit here with names of the shortcuts you want removed

    $shortCutNames = @(

        "*WiFi Connect*"

    )

    #Create empty array for shortcutsFound

    $shortcutsFound = @()

    #Retrieving current user and current user's SID

    $currentUser = Get-CurrentUser

    $currentUserSID = Get-UserSID $currentUser

    # Getting the AllUsers desktop path

    $allUsersDesktop = [Environment]::GetFolderPath("CommonDesktopDirectory")

    $userRegistryPath = "Registry::HKEY_USERS\$($currentUserSID)\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"

    $currentUserDesktop = Get-CurrentUserDesktop $userRegistryPath

 

    if (Test-Path -Path $allUsersDesktop) {

        foreach ($ShortcutName in $shortCutNames) {

           $shortCutsFound += Get-ChildItem -Path $allUsersDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}

        }

    }

    if (Test-Path -Path $currentUserDesktop) {

        foreach ($ShortcutName in $shortCutNames) {

           $shortCutsFound += Get-ChildItem -Path $currentUserDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}

        }

    }

    if (-NOT[string]::IsNullOrEmpty($shortcutsFound)) {

        Write-Output "Desktop shortcuts found. Returning True"

        $shortcutsFoundStatus = $true

 

    }

    elseif ([string]::IsNullOrEmpty($shortcutsFound)) {

        Write-Output "Desktop shortcuts NOT found. Returning False"

        $shortcutsFoundStatus = $false

    }

}

catch { 

    Write-Output "Something went wrong during running of the script. Variable values are: $currentUser,$currentUserSID,$allUsersDesktop,$currentUserDesktop"

}

 

finally { 

    if ($shortcutsFoundStatus -eq $true) {

        Write-Output "shortcutsFoundStatus equals True. Exiting with 1"

        exit 1

    }

    elseif ($shortcutsFoundStatus -eq $false) {

        Write-Output "shortcutsFoundStatus equals False. Exiting with 0"

        exit 0  

    }

}

#endregion 

 

For logs I couldnt see much but is it the intunemanagementextension document I need to check?

 

 

 

 

That or the AgentExecutor logfile
Okay thanks I’ll take a look tomorrow when I have the device again!

Is there another way from just powershell scripts area / configuration policies that will do the same thing ? Just incase I can’t figure this out
Scripts in Devices should also work, if you know the filename and it only has to run once.. ("remove-item c:\users\public\desktop\shortcut.url")
Hi

This doesnt work for me, the shortcuts are in C:\users\theuser\Desktop

Is there a way I can create a script to delete it via the user logged in's desktop?
Scripts work as system, so that's not going to work indeed. So, Remediation is an option but you have issues doing that somehow now... You could also create a Win32 package and run that as user to delete the file but.. Detection is done as system there, you could create a file in c:\programdata\company\shortcutdelete\shortcut.txt somehting and check on that. If not there, run the install.cmd from the Win32 package which deletes the file from the desktop and creates the shortcut.txt file so that is does not run again..

But.. You're main question was: "I have created a shortcut using powershell but I had to update the URL which seems to have broke the shortcut so need to delete it and redeploy a new shortcut. " You could create a new package which deletes the old shortcut/replaces the shortcut and does a detection on a file like I mentioned before?
How would I do this? either option would be fine I just really need to get this shortcut off as the link doesnt seem to be replaced with the correct one.

I used this site/script to create the shortcut: https://www.thelazyadministrator.com/2019/11/14/deploy-web-link-shortcuts-to-the-desktop-and-start-m...

So im guessing the win package would point to a script? What would the script contain? to delete from users desktop? Would I create a detection file with the win32 app or after so that the shortcuts deleted first ?

@AB21805 Remediation script would be better, it's more difficult running a uninstall and detection for user things... 

 

Detection script

if (Test-Path -Path $env:USERPROFILE\Desktop\shortcut.lnk) {
   write-Host Found shortcut
   exit 1
}
Else {
   Write-Host Shortcut not found
   exit 0
}

Remediation script:

Remove-Item $env:USERPROFILE\Desktop\shortcut.lnk -Force:$true

Hi @Harm_Veenstra 

 

Does this look correct? Screenshot 2022-03-15 at 10.36.13 AM.png

 

Dont know whats at the beginning of each script with those random symbols as I didnt include that when putting scripts in powershell

It should be like it is in my post, I think copy/paste destroyed the formatting in the first line
so strange today any code I make in powershell and upload to proactive analytics area in endpoint comes up with those random code ill try using visual studio
Ok.. Just put in a Notepad and copy/paste from there perhaps?

All set up 

 

Are the config correct like 64 bit powershell? 

 

Screenshot 2022-03-15 at 11.29.24 AM.png

I don't think it really matters in this case what version you use, you're client are all 64bit I guess ;)
yes they are! I will let you know how I get on with this! Thanks again!