Just wondering if anyone had any ideas, this is driving me mental.
Basically, all users' desktops are redirected to a common folder on the server, which is used as the desktop when they log in via Active Directory. That folder is of course read-only, so they can't add files in and alter everybody's desktop at the same time.
However, recently I've had people with intermittent connections, whether that means laptops that go offsite or computers with a dodgy internet connection writing to that folder. I think they go off the network for whatever reason, shift shortcuts or files to the desktop, and then when the PC comes back it forces a write to desktop folder. How it does that, I don't know - it should be refused access without admin rights.
Any ideas?