Repeatedly, I face clients needing predefined desktop shortcuts for apps, sites, or web apps. To streamline distribution and updates, I devised a PowerShell script. It deploys desktop shortcuts via Intune, optionally with unique icons. This is encompassed in a win32 application for version control.

Table of Contents


Here you can find my template including two example links:

My solution offers the possibility of either using predefined links or maintaining them in a CSV.
You can simply store the predefined shortcuts under ".\Desktop". Make sure that if icons are stored, they only work as long as they are also available on the target system at the appropriate location.
In the CSV (link-list.csv) you only have to enter the shortcut name, the link and the icon. Place the icon in the "icon" folder.

Distribution - PowerShell Script

The entire distribution is handled by the "install.ps1" file.

In a first step I define the package name and the version. I also start a transcript of the process to have a log locally on the device.

$PackageName = "DesktopIcon_SLZ"
$Version = "1"

$Path_local = "$Env:Programfiles\MEM"
Start-Transcript -Path "$env:ProgramData\Microsoft\IntuneManagementExtension\Logs\$PackageName-install.log" -ForceCode language: PowerShell (powershell)

In the second step, I define and create the paths or folders that I need for the links and icons.

# Paths
$DesktopTMP = "$Path_local\Data\Desktop\$PackageName"
$DesktopIcons = "$Path_local\Data\icons\$PackageName"

# Create Folders
New-Item -Path $DesktopTMP -ItemType directory -force
New-Item -Path $DesktopIcons -ItemType directory -force
New-Item -Path "C:\Users\Public\Desktop" -ItemType directory -forceCode language: PowerShell (powershell)

Third, I remove possible previous versions of the package, its shortcuts on the desktop, and icons in the local folder.

# Remove old shortcuts and icons
$OLD_Items = Get-ChildItem -Path $DesktopTMP
foreach($OLD_Item in $OLD_Items){
    Remove-Item "C:\Users\Public\Desktop\$($OLD_Item.Name)" -Force
Remove-Item "$DesktopTMP\*" -Force
Remove-Item "$DesktopIcons\*" -ForceCode language: PowerShell (powershell)

In the fourth step I copy all predefined icons from the "Desktop" folder to the temporary local folder on the PC.

# Copy New shortcuts
Copy-Item -Path ".\Desktop\*" -Destination $DesktopTMP -Recurse
Copy-Item -Path ".\icons\*" -Destination $DesktopIcons -RecurseCode language: PowerShell (powershell)

Then I read in the CSV and also create the defined shortcuts in the temporary desktop folder.

# shortcuts from list
$shortcuts = Import-CSV "link-list.csv"
foreach($shortcut in $shortcuts){
    $WshShell = New-Object -comObject WScript.Shell
    $Shortcut_file = $WshShell.CreateShortcut("$DesktopTMP\$($")
    $Shortcut_file.TargetPath = $
    $Shortcut_file.IconLocation = "$DesktopIcons\$($shortcut.icon)"
}Code language: PowerShell (powershell)

After the copying process and the creation of all shortcuts, I copy them to the public desktop of the device.

# Copy icons to public Desktop
Copy-Item -Path "$DesktopTMP\*" -Destination "C:\Users\Public\Desktop" -RecurseCode language: PowerShell (powershell)

Finally, I create a file that acts as a detection rule and contains the version of my package. I also stop the transcript.

# Validation
New-Item -Path "$Path_local\Validation\$PackageName" -ItemType "file" -Force -Value $Version

Stop-TranscriptCode language: PowerShell (powershell)

The detection rule

The detection rule reads the validation file and its content and compares it with the version number. If everything is correct, this is reported to Intune. If you adjust the package name or the version in "install.ps1", you must also do this in "check.ps1".

$PackageName = "DesktopIcon_SLZ"
$Version = "1"
$Path_local = "$Env:Programfiles\MEM"
$ProgramVersion_current = Get-Content -Path "$Path_local\Validation\$PackageName"

if($ProgramVersion_current -eq $Version){
    Write-Host "Found it!"
}Code language: PowerShell (powershell)

Intune win32 package

With the Intune Win32 Prep Tool the package is created after the CSV and/or the desktop folder is filled:

intunewin desktop shortcut win32

We then upload the created "install.intunewin" file to MEM/Intune and set the appropriate parameters. (red mandatory, orange optional, but helpful if the company portal is used.)

NameDesktop shortcuts or individually
DescriptionNote on the links
Iconfreely selectable
installation command%SystemRoot%\sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -command .\install.ps1
uninstall command%SystemRoot%\sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -command .\uninstall.ps1
Conditionsx64 and 2004 (Windows version not relevant)
Detection rulecustom script, check.ps1
Assignmentdepending on requirements

Would you like to automatically upload the link(s) right away?
Then I have an article for you here: win32 app deployment automated

Installation Demo (Company Portal)

This is the installation process via the company portal, with the user initiating the installation. Distribution via targeting also works. The process of using Intune to distribute a desktop shortcut with an icon is so very simple and practical. Updates are also implemented quickly.

demo win32 intune desktop shortcut