FAQ: Supporting Microsoft Store experiences on managed devices

Community Manager

Find answers to common questions about new Microsoft Store app integrations in Microsoft Endpoint Manager and transitioning application management from the Microsoft Store for Business. Looking for more information? Read Update to Endpoint Manager integration with the Microsoft Store on Windows and Evolving the Microsoft Store for Business and Education.

Editor's note: Questions in this FAQ may be added and/or updated over time to provide more detail. Updates and new questions will be indicated.

In this FAQ:

 


Early access and availability

What are the preview opportunities and when will they be available?

Organizations looking to evaluate the new Microsoft Store app repository integration with Endpoint Manager will be able to sign up and participate in a private preview in the September 2022 release of Endpoint Manager. (Note: this date is subject to change.))

How can I sign up for the private, and later, the public preview?

We will work with select organizations in the initial phase of the private preview and open it to additional organizations later in the process. When we move to Public Preview, there will be no need to sign up. The new capabilities will appear with the (Preview) tag in the Microsoft Endpoint Manager admin center. Contact your Microsoft account team for more information.

When is the end-to-end replacement scenario for Microsoft Store for Business going to be generally available?

The current plan is to make Microsoft Store support within Microsoft Endpoint Manager generally available in Q4 of 2022, with the community and private repository support in early 2023. This date is subject to change.

When is the Microsoft Store for Business being retired?

The retirement of the Microsoft Store for Business is planned for Q1 of 2023. This date is subject to change.

What are the options for organizations to meet Microsoft Store for Business needs between now and general availability as the current Microsoft Store for Business does not work on Windows 11? Do we need to wait to update our estate to Windows 11?

If deploying Store apps on Windows 11 is a core priority and you are not currently using Endpoint Manager, then you will not be able to deploy Store apps to devices on Windows 11. For organizations currently using Endpoint Manager, the process of deploying Microsoft Store apps to Windows 11 works currently with no interruptions.

 


Application content

Can I pick and choose from a combination of Stores and Apps?

Yes. You will be able to pick from a variety of sources of Microsoft Store apps, including public Microsoft Store apps or apps made available from private sources including software vendor and line-of-business applications not available in public sources. The private sources will require prior authorization from the private repository owner and authentication to be able to access those applications.

Is there a plan to incorporate the replacement of Microsoft Store for Business into the Store app tab on Windows 10/11 for employees to access the private store?

No, the private Microsoft Store for Business, as it existed, is being retired. Organizations should leverage Microsoft Endpoint Manager and the Company Portal to provide end-to-end app experiences for their employees.

 


Technical requirements

Is the Company Portal App going to be free if we don't license Intune?

An Intune license is required to take advantage of the new functionality and to continue to deploy Store apps directly to user and device groups. The Windows Package Manager platform is openly available to enable custom app installation apps and websites to be built.

How can people download the Company Portal directly? Today there is not a standalone download to meet this need.

The Company Portal app is a free download from the Microsoft Store on Windows. To discover and install applications, devices will need to be enrolled. It is expected that, as is the case today with Microsoft Endpoint Manager, IT admins will deploy the Company Portal app as part of the provisioning process. Employees that have access to the Store can also download and install it themselves, then login with their company credentials.

How is servicing for apps installed from the Microsoft Store integration with Endpoint Manager going to work? What configuration (service accounts, ports, and policies) needs to be in place?

Using Intune, you can assign applications as required or available to employees taking advantage of their existing device enrollment with their organization. IT admins and employees will be able to install and update Store apps. For more information, see Network endpoints for Microsoft Intune.

Do our devices need to be managed by Intune (enrolled in MDM) or can Microsoft Configuration Manager be used instead?

Microsoft Endpoint Manager includes both Intune and Configuration Manager. In order to leverage the new Store and private repositories for apps, you will need to enroll in MDM and use the Company Portal app for discovery and installation. Organizations using Configuration Manager can take advantage of co-management to deploy Store apps.

 


Migration

Will servicing of Microsoft Store in-box apps be able to be done in the same way?

Yes, in-box apps that have a presence in the Microsoft Store on Windows can be serviced exactly the same way. In some cases, in-box apps can be uninstalled using Endpoint Manager app uninstall assignments.

What do I need to do to have apps I installed from the Microsoft Store for Business remain up-to-date and manageable? Do I need to reinstall them? Will they stop working?

Apps that are already installed on devices will continue to work for employees. To be able to service them as an IT pro, you will need to create a new assignment of those apps using the new Store integration with Endpoint Manager. This will not force any reinstall of the app, just reconnect the app from the employee's device to your Endpoint Manager app list.

What is the process to migrate existing Microsoft Store for Business applications over to the new solution?

There is no client migration or device changes required for previously installed apps. On the admin side, you will need to recreate and reassign applications to user and/or device groups and recreate role-based access control assignments that were previously created for individual Store for Business applications.

What should I be doing right now to be ready for the transition?

Identify those business-critical apps that you have deployed through the Microsoft Store for Business, understand how they are being used in your environment, and plan to recreate the app in the Endpoint Manager console and reassign. Existing assignments continue to work; new deployments will proceed according to your group assignments.

Can I service part of my app instead of reinstalling the entire app if I'm using the new Microsoft Store app integration with Endpoint Manager solution?

Redeploying an app will not explicitly result in a complete reinstall if the app is already available on the client device. However, this is entirely dependent on the application installer and how the vendor created it to behave. It is independent from how the Store works as the delivery mechanism.

Do I need to repackage all my line-of-business apps for the new Microsoft Store app integration with Endpoint Manager solution?

Repackaging is not a requirement. LOB apps previously deployed via Endpoint Manager are not affected.

 


Application management and controls

Can I force or gate a user to stay on a specific version of an app until I approve a newer version for my enterprise?

The Store will only keep a few of the most current versions of an app available. We are evaluating, with the new Microsoft Store integration, a way that you will be able to, per app, decide whether auto-update is appropriate or whether you as an IT admin want to control the flow of updates using Endpoint Manager. If you need to keep an older version of an app around (N-2 or N-3, etc.) you will need to maintain your own copy of that application and deploy it manually.

Can IT admins enforce mandatory or deadline dates?

This capability is not yet available, but something we are looking into.

How do I manage app entitlements using the Microsoft Store app integration with Endpoint Manager?

There is no concept of entitlements or licenses. You also cannot use the Store to purchase apps on behalf of your employees. By assigning an app to a user group or device group, you are granting installation rights to all members of that group either as a required (also known as a push-install) or as an app available for the employee to install themselves through the Company Portal.

Do you expect apps that have their own "auto updaters' (e.g. Microsoft Edge, Teams, and OneDrive) to change their servicing strategy?

What powers the Store and private repositories and app manageability is the Windows Package Manager technology which affords the ability to update applications. Although applications with auto-updates still exist, you can use the Store to control the flow of updates with more certainty.

We want apps to be automatically serviced, how will that work? What about for organizations not using Intune?

Automatic servicing of apps deployed from the Store using Endpoint Manager will be an option that IT Admins can select on a per-app basis. The Store in the absence of management tools, like Endpoint Manager, will behave as it does today.

Is there a plan for compliance reporting to show when applications are not current, i.e., out of date and subject to security fixes?

These types of features are possible and under consideration.

What management capabilities are there for IT admins to curate which apps an employee can install, but not allow full access to download all apps?

IT admins can block access to the full Microsoft Store and, using Endpoint Manager, only allow the installation of apps either through required assignments or available assignments, in which the employee can search and install apps using the Company Portal.

Will apps take advantage of peer content sharing, e.g., Delivery Optimization, or do they pull direct each time?

Full Delivery Optimization support is available for Store applications deployed to Windows devices.

What monitoring and reporting options will be available?

As with most apps deployed via Endpoint Manager, you will have full monitoring and assignment reports available to you as well as complete device app inventory reporting for apps assigned using Windows Package Manager integration.

What is the process to revoke or uninstall an application in the event of a zero-day vulnerability or once we are no longer licensing an application?

Endpoint Manager has the full ability to update an app to resolve bugs or vulnerabilities. It also can be used to remove or uninstall apps of your choosing.

How do I handle application dependencies? For example, one of our apps requires .NET to be installed before the app itself can be installed?

Dependencies are a feature that is likely to be shipped after general availability but is something we plan to support in the future.

 


Benefits of integration with Endpoint Manager

What are the advantages of the Store for Business replacement solution in Endpoint Manager?

There are many advantages, one of which is improved search and app discovery experience. It is much easier to find and assign apps to user groups, and the expanded app catalog content includes Win32 apps. There is also access to a broader set of apps from the Microsoft Store on Windows, including those submitted by the community and those made available through private software vendors or company-owned app repositories. Through Windows Package Manager, you have a richer set of APIs and integration points as well as developer tools.

 


Options for app acquisition without Endpoint Manager

What are our options if we don't have Intune or use a non-Microsoft management solution?

Windows Package Manager has a rich set of tools and APIs available for you to discover and deploy applications to Windows devices. See the following for more details: Manage Windows Package Manager with Group Policy.

What is the process for custom and line-of-business apps?

Line-of-business apps can continue to be deployed through any of the various methods already available in Endpoint Manager through the Intune service or through Configuration Manager. For Store-based apps, using a private repository would include the benefits of publishing, lifecycle management, servicing/updating, and uninstalling/removing.

3 Replies
When is the private store repository available, how can it be implemented and tested?
What about licensemanagement? Will organisations be able to buy apps from the store, or is all licensing management handled individually between the org and the manufacturer? Say we want to buy an ap for preschools in a municipality. How will that be managed in the new store?
Microsoft, your new integration is a step back from the capabilities of the buseinnes store. We can only make assignments available for users to install their apps from the company portal, but we need to deploy the company portal as a 'required apps'...so it doesn't work. It was super easy to do it via the Store for business. How are you going to simply deploy store apps that are required? We can do it via Win-get in PS, but in my opinion it's a step back from the capabilities that the Business store offered us. Please allow us to deploy as required and also get back the capabality to uninstall some apps.