Microsoft didn't provide a great way of removing this functionality. Fortunately there are many in the comunity that are sharp and figured this out on their own.
Thanks to Marco Sues from this Citrix thread for the solutions: http://forums.citrix.com/thread.jspa?threadID=266828
From this we're able to quickly add the necessary keys into GPO for all our Citrix servers to remove the undesired libraries for both x64 and x32. In addition to adding the keys you also need to give SYSTEM full control over the shellfolder. This can be done if you use Computer Config/Policies/ Windows Settings/Security Settings/Registry to change the permissions. Use GPO preferences to update the attributes keys.
Favorites:
x64 = HKEY_CLASSES_ROOT\CLSID\{323CA680-C2
x32 = HKEY_LOCAL_MACHINE\Software\Wow6432Node\CLSID\{323CA680-C2
for both
Attribute
dword / hex
Libraries:
x64 = HKEY_CLASSES_ROOT\CLSID\{031E4
x32 = HKEY_LOCAL_MACHINE\Software\Wow6432Node\CLSID\{031E4
for both
Attribute
dword / hex
Network:
x64 = HKEY_CLASSES_ROOT\CLSID\{F02C1
x32 = HKEY_LOCAL_MACHINE\Software\Wow6432Node\CLSID\{F02C1
for both
Attribute
dword / hex
Once this is set in your GPO do gpupdate /target:computer and then logoff and back on. (explorer needs to reinitialize)
In my case I decided I didn't want to remove Favorites since it gives quick and easy access to the desktop. Instead I redirected it to a central location for all users. This implys that end users won't be able to add their own "favorites" to the folder. This can be done with folder redirection and then place the desktop shortcut in the folder.
You could also easily redirect it to their own personal stash and the script the removal of the unwanted "links" (located in the users Links folder)
No comments:
Post a Comment