I'm implementing folder redirection on a network for the Desktop and Start Menu. The folder redirection works great except the computers display both the network folder that has the desktop and start menu, and it also has the local folder. I don't want the local desktop and start menu to display... only the network version of it. How can I hide the local desktop and start menu (unless GP is removed... then it can come back.)
This'll be a semi-lame answer, but look closer at the GPO, I know the option is there. It's called 'Hide My Computer' and so on. I think that's what you're after.
I don't mind a "lame" answer. I figure it has to be in the group policy and I'm missing it, or it's under a name I wouldn't think to check.
I don't think that will work though... for instance, I can select the option to just hide the "my computer" icon... but that's only one icon. I have MS Word, Powerpoint, etc. that is on the desktop for all the computers. I also have group policy that has those icons on it. I only want the group policy icons show up so only one version of the icon is there. The reason why I duplicated it is because if one student deletes the icon for Word (which happens a lot), then no one can launch it. This way with folder redirection and NTFS permissions, no one can delete the icons anymore. But there has to be a way to just hide all the icons on the desktop that are in the c:\doc and settings\all users\desktop folder (and the same for the start menu.) I only want it to show what is on the fileshare's location.
I just tried the "hide desktop icons" option in group policy and that hid even the ones I was redirecting. I then used registry edit to hide the desktop icons (hoping the local registry would only hide the local desktop icons and leave the redirected ones...) it hid all the icons too.
I was searching for the same thing as you and found nothing.
So I figured out an elegant way to do this with Group Policy on my own.
I used The GP File System (Computer Configuration > Windows Settings > Security Settings > File System) and added %AllUsersProfile%\Desktop and %AllUsersProfile%\Start Menu and set the security on these to Deny Read/Execute/List for the user (or group) in question.
This works great, now they see their Desktop and Start Menu items, but not the All Users ones.
mitchb, I think that would work. It seems so weird that Microsoft wouldn't put that in there... but they didn't. So, I can't see that not working perfect. I'll give it a try next time I'm at the school. Thank You!!!
Ad Choices