locked
How can I hide shortcuts for groups that are unauthorised? RRS feed

  • Question

  • Cause we're using a Mandatory Profile and like to have SCCM advertise the shortcuts everytime it can't find the shortcuts, I've created a powershell script that will delete all the scheduler history when a user logs off windows. When logging in again the shortcuts are set again.


    Another issue I'm dealing with are my MSI's. I've got a scenario in my head, but can't get it worked out atm.

    We're using a program that will let us manage our roaming files for the users. But then Mandatory profile must be set.
    So now we've got the solution for our virtual applications, they come up whenever a user logs in right now.

    When a MSI in this situation is installed, then the shortcuts will be placed in the "all users" start menu folder. So this will place the shortcut to the particular machine a user has logged on to. We're using that particular program to let specific data roam with them to another computer (like settings of that program). I love the way the MSI places an advertised shortcut, cause then the usersetting can be set to the user profile cause the MSI wil repair itself when the advertised shortcut is set. So this part is also fixed...

    Because several people will take place behind the desktop and have their own applications to install. All the shortcuts of the MSI's will be placed in the all users start menu. Not everybody may use all the applications that are fysically installed on that computer, so we've placed some security groups on the folders and shortcuts. But all the shortcuts of all the MSI's locally installed with shortcuts in the all users start menu are visible to everyone.

    Is it possible in some sort of way to hide the shortcuts to the people that do not have the right to use it?

    Or is it possible that windows will show the shortcut only if the application is available. Cause then we'll set some rights on the folder of the application itself. I know that the GPO will only deploy the shortcut if the application is reachable.

    Friday, May 20, 2011 4:31 PM

Answers

  • This issue is solved. We will place the shortcuts locally on every machine to a custom folder. And place security groups on those shortcuts.
    When a user logs onto the computer a script will copy all the scripts from this folder to the user start menu\programs folder. Cause the user can't access the folder he's not authorised to, the shortcuts will not be copied into the start menu of the user.

    Now the MSI shortcut issue is solved!

    • Marked as answer by skipdaflip Monday, May 23, 2011 7:13 PM
    Monday, May 23, 2011 7:13 PM