New-Object -ComObject WScript.Shell – User Context

Hi,

I'm trying to create two scripts, a detection and a remediation script to be used with SCCM.

This is to detect if a user profile is missing the Teams icon, created by the machine-wide installer, per user when they first logon.

As below (remediation script):

$ExcludedUserAccounts =  'Administrator','Public','Generic'

$UserProfileDirectories = (Get-ChildItem -Path C:Users -Exclude $ExcludedUserAccounts).FullName
$TeamsProfileDirectory = 'AppDataLocalMicrosoftTeams'

$Global:NoUpdateEXE = @() # Reset Teams folder to allow Teams to reinstall when user logs back on.
$Global:NonCompliantIcon = @() # Create and set icon as required.
$Global:Compliant = @() # No action required.
$Global:NoTeamsDirectory = @() # No actions as Teams should install at log on.

ForEach ($UserProfile in $UserProfileDirectories)
    {
    
    $RequiredTarget = $UserProfile + $TeamsProfileDirectory + 'update.exe'
    $RequiredArguments = '--processStart "Teams.exe"'

    $Shortcut = New-Object -ComObject WScript.Shell
    $ShortcutLocation = "$UserProfileDesktopMicrosoft Teams.lnk"
    
    $CurrentTarget = $Shortcut.CreateShortcut($ShortcutLocation).TargetPath
    $CurrentArguments = $Shortcut.CreateShortcut($ShortcutLocation).Arguments
    
    If ( Test-Path ($UserProfile + $TeamsProfileDirectory) )
        {
        If ( Test-Path $RequiredTarget )
            {
            If ( (Test-Path $ShortcutLocation) -and ($CurrentTarget -eq $RequiredTarget) -and ($CurrentArguments -eq $RequiredArguments) ) { $Global:Compliant += $UserProfile }
            Else { $Global:NonCompliantIcon += $UserProfile }
            }
        Else { $Global:NoUpdateEXE += $UserProfile }
        }
    Else { $Global:NoTeamsDirectory += $UserProfile }
    
    }

ForEach ($Item in $NoUpdateEXE)
    {
    If (Get-Process -Name Teams -ErrorAction SilentlyContinue | Where-Object -Property Path -EQ ($Item + $TeamsProfileDirectory + 'CurrentTeams.exe')) { }
    Else { Remove-Item -Path ($Item + $TeamsProfileDirectory) -Recurse -Force -Verbose }
    }

ForEach ($Item in $NonCompliantIcon)
    {
    $TargetPath = $Item + $TeamsProfileDirectory + 'update.exe'
    $ShortcutDestination = "$ItemDesktopMicrosoft Teams.lnk"
    $Arguments = '--processStart "Teams.exe"'

    $WshShell = New-Object -ComObject WScript.Shell
    $Shortcut = $WshShell.CreateShortcut($ShortcutDestination)
    $Shortcut.TargetPath = $TargetPath
    $Shortcut.Arguments = $Arguments
    $Shortcut.IconLocation = $Item + $TeamsProfileDirectory + 'CurrentTeams.exe,0'
    
    $Shortcut.Save()
    }

The issue is the New-Object -ComObject WScript.Shell section.

One the detection script, I just want to check that the TargetPath and Arguments are set to what they should be. However using New-Object seems to only seems to reference the account PS is running in.

So this code:

    $Shortcut = New-Object -ComObject WScript.Shell
    $Link = Get-Item "C:UserstempuserDesktopMicrosoft Teams.lnk"
        
    $Shortcut.CreateShortcut($Link).TargetPath

I want it to return: 'C:UsersTempUserDesktopMicrosoft Teams.lnk'.

But instead it returns: 'C:UsersLoggedOnUserDesktopMicrosoft Teams.lnk'.

Tried this under System context and it returned the system profile directory.

Please help PS masters!