cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Locking down the Microsoft Store

AutoJuan
Copper Contributor

‎Mar 25 2021 05:22 PM

‎Mar 25 2021 05:22 PM

Locking down the Microsoft Store

Hi Tech Community,

 

I am currently trying to find a way to lock down the Microsoft Store on our enterprise devices running Windows 10.

 

I am aware that we can redirect our users to use a curated business store, but there is no stop for a user to log onto a personal account and using the store to download and install any other application.

 

Any insights are greatly appreciated,

Thanks in advance!!

72.8K Views
0 Likes
14 Replies
Reply
14 Replies
dretzer

‎Mar 26 2021 12:37 AM - edited ‎Mar 26 2021 12:38 AM

‎Mar 26 2021 12:37 AM - edited ‎Mar 26 2021 12:38 AM

Re: Locking down the Microsoft Store

You can either disable the Microsoft Store completely, or use the Windows Store for Business only. If you want to do the later, first make sure you configured the Business Store to your liking and then disable the public store either with GPO or Intune:

GPO:
Computer Configuration > Administrative Templates > Windows Components > Store > Only Display The Private Store within the Microsoft Store

Intune:
https://docs.microsoft.com/de-de/archive/blogs/beanexpert/block-windows-10-public-store-using-micros...

0 Likes
Reply
Rudy_Ooms_MVP

‎Mar 26 2021 06:55 AM

‎Mar 26 2021 06:55 AM

Re: Locking down the Microsoft Store

Hi,
I created a blog about managing the store with applocker/intune, some time ago. Maybe this is what you are looking for?

https://call4cloud.nl/2020/06/managing-apps-in-the-microsoft-store/
1 Like
Reply
Robin Clive-Matthews

‎Jul 14 2022 02:25 AM

‎Jul 14 2022 02:25 AM

Re: Locking down the Microsoft Store

It's a complete mess, the only way we found to lock the store down was using AppLocker.
You can add all the default Windows apps to a policy really easily if you install GPMC onto one of your endpoint devices and edit the policy from that.
The user experience isn't ideal - you just get an error message if you try and install a non-approved app, but it works and stops apps you haven't approved from being installed. I'm using this on Win11 but it'll work on Win10 too.
Make sure you have a policy entry to allow administrators to run any application.
0 Likes
Reply
Rudy_Ooms_MVP

‎Jul 14 2022 11:05 PM

‎Jul 14 2022 11:05 PM

Re: Locking down the Microsoft Store

Applocker is indeed the way to go... there are more options to block/prevent/remove it... but... that's not my cup of tea... Applocker it is!

https://call4cloud.nl/2020/06/managing-apps-in-the-microsoft-store/#part2
0 Likes
Reply
Robin Clive-Matthews

‎Jul 15 2022 12:52 AM

‎Jul 15 2022 12:52 AM

Re: Locking down the Microsoft Store

@Rudy_Ooms_MVP Blocking the store completely isn't an option due to the amount of Windows functionality that would never update if you did, and some manufacturers are delivering drivers and support software through the store, e.g. it seems to be the only way to get the Waves MaxxAudio driver. No Store = no audio functionality on your machine :(

It's a shame Microsoft have made such a mess of being able to manage it, this stuff has been possible on other platforms for a very long time, and was possible on Windows until fairly recently. It's bizarre that any product manager would think the current situation is acceptable for a release product used in business (i.e Windows Pro/Enterprise).

0 Likes
Reply
rachelgomez161999

‎Jul 18 2022 11:07 PM

‎Jul 18 2022 11:07 PM

Re: Locking down the Microsoft Store

Block Microsoft Store using AppLocker

Type secpol in the search bar to find and start AppLocker.
In the console tree of the snap-in, click Application Control Policies, click AppLocker, and then click Packaged app Rules.
On the Action menu, or by right-clicking on Packaged app Rules, click Create New Rule.
On Before You Begin, click Next.
On Permissions, select the action (allow or deny) and the user or group that the rule should apply to, and then click Next.

Regards,
Rachel Gomez
0 Likes
Reply
Rudy_Ooms_MVP

‎Jul 19 2022 12:36 AM

‎Jul 19 2022 12:36 AM

Re: Locking down the Microsoft Store

:) ... I guess you misread the article.. as I am not advising the block/remove the store at all... but just limiting it with the use of applocker and packaged app rules :)
0 Likes
Reply
Randall Rotter

‎Oct 14 2022 11:35 AM

‎Oct 14 2022 11:35 AM

Re: Locking down the Microsoft Store

Is this not working on a Windows 10 Home device because the user is an Administrator?
I believe i configured it as stated above to Deny the Microsoft Store.
0 Likes
Reply
Rudy_Ooms_MVP

‎Oct 14 2022 11:36 AM

‎Oct 14 2022 11:36 AM

Re: Locking down the Microsoft Store

Windows 10 home :) as home in no support for aadj and almost no support for intune :)
0 Likes
Reply
Randall Rotter

‎Oct 15 2022 10:01 AM

‎Oct 15 2022 10:01 AM

Re: Locking down the Microsoft Store

Thanks. While the business case for disabling or controlling the Store is obvious, it should be even more obvious to designers and program managers that controlling Store access for kids is essential functionality.

The Store should be controllable via Microsoft Family Security functionality. Child access should be controllable. Please pass this on to folks responsible for Family account design. Thanks.


0 Likes
Reply
Robin Clive-Matthews

‎May 15 2023 05:04 AM

‎May 15 2023 05:04 AM

Re: Locking down the Microsoft Store

@Rudy_Ooms_MVP Hmm, yeah not sure what I had been reading... I was on a bit of a rant about how annoying the situation is/was - apologies for that :facepalm:

Also, have you seen the interesting (but sadly [hilariously] broken) new Store "integration" with AppLocker since Store version 22303.1401.5.0? Could be really good if they hadn't messed up the version checking...

0 Likes
Reply
Paul_Lawrence

‎Jul 04 2023 09:15 AM

‎Jul 04 2023 09:15 AM

Re: Locking down the Microsoft Store

How do I get the information for the App Rule? Ive followed the article listed from call4cloud.nl and it works only for MS apps. I want to include Apple apps but not sure where to get the configuration info from for the XML file
0 Likes
Reply
arvind55570

‎Jul 23 2023 10:00 PM

‎Jul 23 2023 10:00 PM

Re: Locking down the Microsoft Store

@dretzer  Thanks for the sharing knowledge ,Its not working on Windows 10 Pro.

can you help to provide for win10 Pro.

0 Likes
Reply
jmakhija

‎Nov 28 2023 04:59 AM - edited ‎Nov 28 2023 04:59 AM

‎Nov 28 2023 04:59 AM - edited ‎Nov 28 2023 04:59 AM

Re: Locking down the Microsoft Store

@AutoJuan 

I understand it is an old topic, but here's is an updated information on the query:

 

The best way is to use a Settings Catalog policy "Turn off store application". It still allows you to Install Store Apps from the Company Portal App. Refer to this blog post, for more detailed information about this subject: https://cloudinfra.net/how-to-disable-microsoft-store-in-windows-using-intune/

0 Likes
Reply