Forum Discussion

MichaelOliv's avatar
MichaelOliv
Iron Contributor
Jul 06, 2021
Solved

RequirePrivateStoreOnly for Windows professional

Hello,

 

We are working on Autopilot and I would like to authorize only the private microsoft Store. Not the public one. To all users.

I see that : https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-requireprivatestoreonly

 

But it seems no to work with windows Professional.

Do you know if there is a method to do it for a Windows professional please?

configuration
Intune
store

10 Replies

Sort By
  • Rudy_Ooms_MVP's avatar
    Rudy_Ooms_MVP
    MVP
    Jul 07, 2021
    Hi,

    I did a blog on this subject some time ago. Please beware, removing the whole store or limiting access could give you some problems when modern apps need updates! And of course the Microsoft store is also responsible for some driver updates like I explain in another blog..

    I hopes these 2 blogs help you

    https://call4cloud.nl/2020/06/managing-apps-in-the-microsoft-store/

    https://call4cloud.nl/2021/06/those-magnificent-drivers-in-their-flying-microsoft-store-or-how-i-flew-from-the-enrolment-status-page-to-paris-in-25-hours-11-minutes/
    • MichaelOliv's avatar
      MichaelOliv
      Iron Contributor
      Jul 08, 2021

      Thanks for your help to both of you.

       

      Mr_Helaas, I understand your solution. I didn't know that I can completly block the store.

       

      Rudy_Ooms_MVP, thanks for your links. I read and I see how to block the store. Didn't try yet.

      In what I understood the unique solution is to block completly the store and use the method of Mr_Helaas . But in this cas I could have problem with drivers? They will not update?

       

      • Rudy_Ooms_MVP's avatar
        Rudy_Ooms_MVP
        MVP
        Jul 08, 2021
        It depends on which option you choose to block it and how you block it. If you block it user mode.. When only the user is blocked, the device should still be able to get the updates and update the modern apps
  • Mr_Helaas's avatar
    Mr_Helaas
    Steel Contributor
    Jul 07, 2021
    Hi Michaël,

    You can remove or disable the whole Microsoft Store on the device.

    Within Intune you setup a connector to synchronize the store for business apps.
    You can find the connector section and Microsoft instructions under tenant administration.

    Purchase the company portal and set this application as required for all devices.

    All other apps you purchased in store for business will also be synchronized to Intune.
    Assign these application as optional (user or device group)

    The users can only install store applications that you’ve allowed.

    Kind regards,

    René

Resources