Although Ivan's response is perfectly fine^*, let me offer an alternative approach.

If you just want to provide a few different favorites, you could consider just creating them manually, and then provide each individual .url file via predefined settings or Files and Folders user environment settings. Just drop the particular .url file into the Favorites folder of the predefined settings archive or Files and Folders archive, and configure the conditions.

Ivan's solution is definitely more scalable (particularly if you go for the parameterized script approach), but maybe this is sufficient for your scenario.

* Well, apart from using \\server\share\file.vbs instead of %UEMScripts%\file.vbs, but that's probably because we never documented that feature 🙂

The %UEMScripts% variable is dynamically created at logon, pointing to the ...\FlexRepository\Scripts folder in your configuration share. You will have to create the Scripts folder manually.

Thanks for adding the additional options UEMdev​!

I like the %UEMScripts% option. Didn't know that one yet. :smileycool:

Any additional ones that are not documented and you want to share?

Thanks for all the input, using vbs does seem to be an easier approach as I can dump the vbs in my netlogon folder.  We will have more and more tenants that onboard and having a way to automate this would be great.  I am not a script-er, but something that would detect the user's OU and apply the correct IE favorites would be great.  Is this possible?

What, you don't monitor changes to the UEM Advanced ADMX settings, and play with everything you find there? 🙂

Since UEM 9.2, we create three environment variables at logon:

%UEMSessionId% – The Windows session ID

%UEMConfigShare% – The location of your UEM configuration share (i.e. your General folder)

%UEMScripts% – The location of the FlexRepository\Scripts folder in the configuration share

The UEM prefix can optionally be overridden through a policy setting in the above mentioned advanced ADMX template.

We were planning to document these variables through a KB article, but it seems that that didn't happen (/ping Pim_van_de_Vis)... They are fully supported, though, so have fun 🙂

Haha, nice! Thanks for pointing that one out!

Trying to figure out how to defend my self on this one, but..... neh, nevermind :smileylaugh: :smileysilly:

Hi bugattiveyron​,

I have changed the script a bit, so you can use 2 parameters now. Be aware, there's no error handling in this script.

objShortcutUrlName = WScript.Arguments(0)
Set WshShell = CreateObject("WScript.Shell")
strFavoritesPath = WshShell.SpecialFolders("Favorites")
Set objShortcutUrl = WshShell.CreateShortcut(strFavoritesPath & "\" & objShortcutUrlName & ".url")
objShortcutUrl.TargetPath = WScript.Arguments(1)
objShortcutUrl.Save

Save the lines above in a VBS file (CreateFavorite.vbs in this example) and place it in the ...\FlexRepository\Scripts folder of your UEM config file share, under general.

Create the following Logon Task:

The full command (partially show in the picture above) is: cscript.exe %UEMScripts%\CreateFavorite.vbs "Tenant1" "http://tenant1.domain.local"

Go to the Conditions tab and do the following:

Click Add and click Organizational Unit

Choose the OU that your users are in for which you want to create the favorite and click OK.

Click Save and you're good to go.

Please let me know if this is the solution for you or if you have any other questions.

Thanks for the reminder UEMdev​, creation of the KB has just been added to my to-do list

Thanks for the updated script.  Just now able to get around to testing it as I had to troubleshoot some other issues.  So the script does not seem to work.  I have attached the log file from flexengine, it may look odd as I had to scrub it.

Things I have working.  We use App Volumes for writables and on demand app stacks through vRA which works fine.  I left the readme file that shows up on the desktop for the users which shows up.  When I lock my VDI machine and log back in, I get the welcome back message from UEM.  I have validated that the user I log in with is part of the OU I have in the script.

Hi bugattiveyron​,

I just tried Ivan's script in my environment, and it works fine.

Only thing I can think of (but can't validate in your log file), is that you might want to put quotes around %UEMScripts%\CreateFavorites.vbs, just in case the non-scrubbed path contains spaces.

I have no spaces.  One thing I did notice yesterday when I started to work on it was I actually did not have a folder called Scripts in \general\FlexRepository\ so I created one and dropped the .vbs in it.  I noticed when I created the file in that folder, an exact copy of the file showed up at the root of \general\FlexRepository

Something else to note, I have a stig'd environment.  I have validated my UEM gpo is attached to this VDI and all the correct policies in place.  I have checked event logs and do not see any errors other than a windows event error 1534 that does not reference VMware.  What other logs could I potentially look at?

Thanks!

I actually did not have a folder called Scripts in \general\FlexRepository\ so I created one and dropped the .vbs in it.

That is OK. This folder does indeed not exist by default.

I noticed when I created the file in that folder, an exact copy of the file showed up at the root of \general\FlexRepository

That is unexpected. The only logic in UEM around the ...\FlexRepository\Scripts folder is that it automatically creates the %UEMScripts% environment variable that references that particular path. There is no built-in file copying or anything like that...

I have a stig'd environment.  I have validated my UEM gpo is attached to this VDI and all the correct policies in place.  I have checked event logs and do not see any errors other than a windows event error 1534 that does not reference

I'm not at all familiar with the details of STIG, but could it be the case that as part of the hardening VBScript has been disallowed? What happens if you run the script manually after logging in? Any error messages? Do you see the new .url file in the %USERPROFILE%\Favorites folder?

Just in case. even though Ivan's script seems to determine the location of the Favorites folder correctly, but I'm not too familiar with VBScript: do you have the Favorites folder redirected, by any chance?

I agree with UEMdev. I have seen organisations where all WSH scripting extensions were disabled, including .VBS.

If this is the case, then the other option mentioned in UEMdev's first reaction may still be a suitable solution for you.

So unfortunately, it does seem to be a scripting ability issue.  I have gone back and implemented a mix of both answers.  I used the files and folders to create the URL and use a condition of check OU to validate who the user belongs to.  The only thing with this setup is that I would have to create a files and folder addition for each new tenant.  Can it be done in a smarter way with just this one files and folder?

****Edit****

So something I just noticed, even adding another files and folders it uses the same favorites location as all the other urls, so for example my SYSadmins being at the highest level sees every single url in the favorites folder.  I did validate that my Tenants could not see the SYSadmin url's since they are not in that OU.

The only thing with this setup is that I would have to create a files and folder addition for each new tenant.  Can it be done in a smarter way with just this one files and folder?

We don't have a way to use conditions "inside" an item, so I'm afraid that you will indeed have to use per-tenant settings in UEM.

If you can run standard Windows .cmd files and have a way to distinguish your tenants based on characteristics you can check from there (like an environment variable), you could consider creating a batch file that dynamically constructs a .url file, as the format of such files is pretty straightforward. Not sure if that's worth the effort, but I don't know how many tenants you need to support 🙂

So something I just noticed, even adding another files and folders it uses the same favorites location as all the other urls, so for example my SYSadmins being at the highest level sees every single url in the favorites folder.  I did validate that my Tenants could not see the SYSadmin url's since they are not in that OU.

Not sure if I quite understand, but could it be that your conditions aren't sufficiently specific?

I like your thought UEMdev​, so I created a simple CMD file (no error handling).

@echo off
echo [InternetShortcut] > "%1\%2.url"
echo URL=%3 >> "%1\%2.url"

You can save the content above in a CMD file (for example CreateFavorite.cmd).

This file accepts 3 parameters in the following order:

%1 = The save location for the .URL file that is created (do NOT use a trailing backspace, i.e. "%USERPROFILE%\Favorites")

%2 = The name of the .URL file (this is also the name that is visible in IE)

%3 = The URL (i.e. http://tenant1.domain.local)

An example of the full command is shown below:

This should result in:

Please let me know if this works for you bugattiveyron​.

Thanks Ivan, & team for the suggestions.  I have not had a chance to further play with this as I have been busy getting some of our other VMWare products up and running.  I will try to get to this in the next few days and let you know how it works.