The method I will be using will also work if you just want to create a shortcut for the default browser, but with some minor differences. For my use case here we had a web app that worked better in Chrome – which unfortunately is not the company standard browser. There’s some great documentation out there for the method I will be using, but I have found some weird quirks that are not documented and left me scratching my head for a while. I figured I’d save the next guy some trouble. My work environment uses a Windows Server 2008 R2 box as its’ primary domain controller. If you’re using my reference guide on a newer OS some of these settings might be different. Let’s get started.
Creating the Group Policy Object
First you’re going to create a New Group Policy Object, and then right-click it and select Edit.
Then you’re going to navigate to User Configuration > Preferences > Windows Settings > Shortcuts. If you don’t care who gets this shortcut, you can follow the same instructions but create it under Computer Configuration instead.
From menu select Actions > New > Shortcut. The dialogue below will appear.
Here is a sample of the settings that I used for my use case.
|Target Type||File System Object|
|Location||Specify full path|
|Target Path||“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”|
|Icon File Path||\\MyServer\Folder1\IconFile.ico|
Target Type can be changed to URL if you are ok with the link opening in the default browser.
Location can be changed to some other interesting options, but for my use case I needed each user to have the shortcut on their desktop. Our users do not have permissions to write to the All Users or Default user profiles, and so the quick options under location did not work for me and I got some error codes while attempting to push it out.
Make sure that the Icon File Path is in a location that all users can access and is a .ico file, otherwise the icon will be blank.
Other tutorials on the web that mention how to create a web shortcut that opens a non-default browser on your local machine will have you put the executable path and the web URL in the target path and also have you use quotes when describing the target path for the executable – both of these will not work when creating a GPO. This took me the better part of an hour to deduce due to the less than descriptive error code…
Linking the GPO
After you have all your settings in place click Apply and then OK. Close the Group Policy Management Editor and get back into the Group Policy Management. Here’s where your use case comes into play. If you don’t care who gets the shortcut, link the GPO at the top of your domain by right-clicking the location you want it in and select Link Existing GPO then select the one you made.
Deploying to Specific Users
If you only want to deploy this to specific users you can do some filtering with security groups. For my use case I created a security group in Active Directory named similarly to “Web App Users” and then added the target users as members of that group.
In Group Policy Management you can then add the security group as a filter.
Allow some time for the new policy to propagate throughout the network. If you want to test on a target user, have them log in and run: