Block access to the Microsoft Store using Microsoft Intune

A secure work environment involves the implementation of processes, particularly those related to packaging, to allow the user to access reliable applications that have been tested and validated by the IT team.

As soon as this first step is completed, it is necessary to restrict access to the Microsoft Store so that users can only install software provided through the corporate catalog.

We'll see below how to block access to the Store through the Microsoft Intune solution, while still allowing apps flowing from it to continue receiving updates.

Block access to the Microsoft Store

Log on to and perform the following steps:
  • Click on Devices / Windows 
  • And select Configuration Profiles
  • Click on Create and New Policy
  • When creating, select the following parameters
  • Platform: Windows 10 and later
  • Profile Type: Settings Catalog
  • Click Create
  • Complete Name field and click Next
  • Then click Add Settings
  • In the Search box, find, add and configure the following:
  • Turn off the Store application
  • Enabled
  • Allow apps from the microsoft app store to auto update
  • Allowed
  • Click Next
  • Scope tags, click Next
  • In the Assignments section, select a device group or all devices and click Next
  • Review and create, click Create.

Verifying that parameters are being applied correctly

Once the policies on the workstation have been applied, the user who wishes to access the Store will receive the message below:

On the Microsoft Intune console, go to your configuration profile and view the related report to verify that it is correctly applied to the affected workstations.

Popular posts from this blog

How to implement Applocker with Microsoft Intune

How to reset computer in OOBE mode

Microsoft Intune, Uninstall Win32 app with the company portal