I’ve seen a lot of discussions around about how to pin programs to the Windows 7 / 8 Taskbar but nothing that details the step by step instructions or how to make it work on actual login. Most talk was around how to make it work on machine deployment. I decided I would collate all the information and make some instructions on how to make it work on login. Its a bit messy and a bit of a workaround but it does get the job done.
Microsoft didn’t release an easy way to put icons on the taskbar so that Programs when installed didn’t spam your taskbar. So we have to use a Visual Basic Script to make it work.
First of all your need the script called pinitem.vbs from here. The details of the script can be found on the authors site here.
The problem we have with the script, is that the script will run as system when it runs a login script in Group Policy. It has to run after login in order for it work. What I plan to do is place the file in the users profile and in the startup folder. It will then launch after login and work.
We need the script to be accessible from all of your Domain machines so we need to put it somewhere. You can create a new share or do what I did and put it in the netlogon share.
On one of your Domain Controllers navigate to the location.
C:\Windows\SYSVOL\sysvol\YOUR DOMAIN NAME\scriptsPlace the pinitem.vbs file in here.
Now we need to make a Windows Batch file that will reference this script and create the relevant icons.
Open up notepad and paste in my example line below. This example will create a pinned item for Calculator.
cscript \\domain controller\netlogon\PinItem.vbs /taskbar /item:"c:\windows\system32\calc.exe"Using my example create lines for all the taskbar pins you need. So another example for Outlook 2013 would be :
cscript \\domain controller\netlogon\PinItem.vbs /taskbar /item:"C:\Program Files (x86)\Microsoft Office\Office15\Outlook.exe"My finished script looks like :
Now we need to save this script and place it in our netlogon share alongside the vbs script. Due to UAC you cant save directly in there and need to drag and drop it in.
In notepad click file, Save as then put in “PinItems.bat”. This will save it as a batch file without a txt extension.
Now drag and drop it into the same path as before on your Domain Controller.
C:\Windows\SYSVOL\sysvol\YOUR DOMAIN NAME\scripts
Now we have the scripts in place lets create the Group Policy Object / GPO. On your Domain Controller launch the Group Policy Management Application. Branch out until your find the Group Policy Objects folder. Right click on it and click new.
In the new GPO window put in your desired name. I will call mine “Pin Taskbar”.
Now under the branch you will see the new Group Policy. Right click on it and click edit.
The section we want to alter is under, User Configuration, Preferences, Windows Settings, Files.
On the right hand side right click and then click New File.
In the source box enter your netlogon .bat file location. In the destination you need to enter :-
%userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PinItems.bat
Click ok and close the editor of your Pin Items GPO.
Before deploying this script to everyone. In my environments I would want to test it out on a test base. So I would target the GPO at a security group. Create a new security group and then add your users to it.
Then in the Group Policy Management Console go to the Scope tab when the Pin Taskbar GPO is highlighted on the left.
In this tab you will see a section called Security Filtering. This tells you who this GPO will apply too. By default it will apply to Authenticated users, meaning everyone so lets click add. Then add our group we created. Then remove authenticated users.
Were nearly done, all we need to do now is link the GPO to the OU where your users sit. Right click on the OU and click Link an existing GPO. Click our new GPO we created.
Alternatively you could add this to an existing GPO and use Group targeting in Group Policy Preferences.