Forum Discussion

neilcarden's avatar
neilcarden
Brass Contributor
Apr 14, 2020

Disable/Block installation of all apps

Hi, I am trying to replicate a group policy that back when I was using on-prem AD etc, we could set the policy to disable windows installer for all users, hence not allowing them to install anything.

 

I'm not working in a full cloud environment using M365/InTune/Defender ATP, Cloud App Sec etc... and as far as I can tell there is no equivalent configuration policy. I just want to only deploy managed apps from Intune and block everything else (maybe not store/company portal apps)

 

I have seen blogs on AppLocker and using ATP, but these seem rather overblown for something thats a basic requirement (in my eyes) for an organisation.

 

Anyone successfully doing this without lots and lots of config...

 

Neil 

Resources