If you’re deploying an application across your organization, that makes use of a notification area icon in Windows 7 or Windows 8, it can be annoying for users when Windows decides to hide the icon. Here we look at a way of forcing notification area icons (system tray icons) to always be visible to the user via Group Policy Objects (GPO) and a little scripting.

Geoff Kendal

Geoff Kendal is a Windows/Linux systems administrator, scripter and problem solver, with over 12 years experience, based in Leeds, UK.

Back in Windows 95, the notification area, or system tray, was a bit of a free-for-all. Every application thought that it was worthy of a constant presence in the corner of your screen. While some of these icons are useful, the vast majority are generally not. Windows XP started to address this clutter issue by allowing us to hide/collapse the icons that we didn’t really use or need. Windows Vista removed more of these for us, with Windows 7 going a step further by making most icons here hidden by default, unless specifically permitted by the user to display in the notification area all of the time.

Notification Area alias System Tray

Notification Area alias System Tray

Most of the time, this management of our notification area is fine, however occasionally it can work against you. For example, you might roll out an instant messaging or business application that you would like to always be visible via the notification area. Windows will by default hide this from your users, and doesn’t provide an easy way to automate or script the visibility of these icons for system administrators, as the registry key that stores this information is a long binary key.

Luckily for us, Micah Rowland has spent a while reverse engineering this key, and produced a very handy script that easily allows us to force icons to be visible.

Go over to his site, and copy/paste the script into a new file, and save it as ‘NotifyIcons.ps1’. The next stage is to add the script into a GPO that runs for the users that you want to apply this setting to.

Open up the Group Policy Management MMC. Select your chosen Group Policy Object, right click and select Edit. In the editor, navigate to User Configuration > Windows Settings > Scripts > Logon

Group Policy Management Editor - Logon Scripts

Group Policy Management Editor - Logon Scripts

Once you’re in the login script properties window, move to the PowerShell tab, and click the View Files button. This will open an Explorer window – Move the NotifyIcon.ps1 script we created earlier into this location, so that our GPO login script can see it, you can then close that Explorer window.

In the login script properties window, add a new PowerShell script, in the script name, enter NotifyIcon.ps1, and then in the parameters, enter the program name (case sensitive!) followed by the setting to use:

0 = only show notifications
1 = hide icon and notifications
2 = show icon and notifications

If you’re here and reading this far, you’ll probably want to select setting 2… In my example I enter ‘tftp32.exe 2’ as my parameters.

Add new PowerShell script

Add new PowerShell script

At this point, we can now save and close our GPO’s. Now when users login, the GPO should run our script that will look for tftpd32.exe in the notification area history, then set it to always display.

In order for this to work, the user must have previously run the application, and then properly logged out, so that explorer.exe gets a chance to write the updated notification area history to the Registry. On a subsequent login, our script should successfully locate the program in the history, and update its setting to always show.

If you run into difficulty, ensure that the case of the executable is correct – It does matter! You can also try running the script manually from a PowerShell prompt to debug, but you MUST kill explorer.exe (‘taskkill /f /im explorer.exe’) before running it, otherwise explorer won’t see your update, and will overwrite it when it does quit.

Win the monthly 4sysops member prize for IT pros


Related Posts

  1. Ajay 5 years ago

    Hi I used this same file to look for the communicator.exe as the parameter file and this does not work for me. I copied the exact same script but it does not work for any exe as I state in the parameter field in the GPO. I have stated "communicator.exe 2" without the speech marks.

    Can you please help?


  2. Author
    Geoff Kendal 5 years ago

    Hi Ajay,

    Have you tried manually running the powershell script - it will give a little output that might help you figure out what's going on.

    Also, remember it is case sensitive.


  3. Armu 5 years ago

    This one really starts to remind me of Raymond Chen's blog: http://blogs.msdn.com/b/oldnewthing/archive/2009/12/22/9939868.aspx


  4. David 4 years ago

    Excellent thanks for this. One question;trying to work out what the default icons filenames are?! Looking to hide the network icon as we have summat else managing stuff, can't find anything!


  5. uzul 4 years ago

    i try to manual because i d'ont need to start with this script when windows start. I don't know where i can write the different value in the script. I am a beginner 🙂
    i would like to run with "pidgin.exe" (application) with the setting "0"

    thanks for the answers


  6. sinan 4 years ago

    The file link is not working.


  7. Michael Pietroforte 4 years ago

    sinan, thanks for the hint. The link works again now.


  8. Sven 3 years ago

    Hi, this is what I need for my java desktopapp, unfortunate the site with the script is offline.
    Can someone send me with the script, please?
    Thx Sven


  9. Tony 3 years ago

    Hello, I tested the PS script and was able to get it to work properly, but when I try to add it via GPO like you showed above, it doesn't work. Is there something I may be missing?


  10. Jason 2 years ago

    I couldn't get to work via GPO either until I added "Stop-Process -Name explorer" to the bottom of the script. (Even though the command is Stop, explorer starts itself again.)


  11. Michael Pietroforte 2 years ago

    Stephen, thanks for the hint. I changed the link in the article now.


  12. DeployGuy 3 weeks ago

    I wanted to have a function with a hard coded value for testing.

    I added the following to the top and bottom of the script.

    At the top

    Function Set-IconVisible{

    At the bottom

    Set-IconVisible nsload.exe 2
    stop-process -name explorer

    In this example I am making the Citrix NetScaler Gateway Plugin icon visible

    The stop-process cmdlet has an interesting behavior when stopping the Windows shell (explorer.exe), that behavior is that it kills the task without letting it write the values in memory which would overwrite the changes made by the script, then Explorer.exe automatically restarts!  And the icon becomes visible immediately!

    The one caveat is I don't believe a non-administrator can kill the Windows Shell so the GPO method is superior. But for testing by and administator this small modification seems to work.

    To use this as an SCCM Package i would use the run a program first option under the user context to change the users tray setting, then use the stop-process -name explorer comand to make it take effect immediatly, should work, i will try to test this and report back.


    Users who have LIKED this comment:

    • avatar

Leave a reply

Your email address will not be published. Required fields are marked *



Please ask IT administration questions in the forum. Any other messages are welcome.

© 4sysops 2006 - 2018

Log in with your credentials


Forgot your details?

Create Account