One more way to block your end-user from using public Microsoft Store and deploy apps using "Microsoft Store online (new)" deployment in Intune

Shivam Koul 04 August

The Microsoft Store

Blocking the Microsoft Store on enterprise machines is a prudent decision to uphold security and productivity standards. By implementing this restriction, organizations can effectively mitigate the potential risks associated with unauthorized or malicious applications being installed on company devices. Such proactive measures create a controlled and secure computing environment, enabling employees to concentrate solely on approved software and ensuring a streamlined workflow within the enterprise.

Ways to block Microsoft Store using Intune - Using Powershell

As I've already explained 2 ways earlier from which you could block the store. If you want to check them out you can go here: koulinc.xyz/2WaysToBlkStore

In this post, we'll be discussing on how we can block the public Microsoft Store using a registry using powershell.

For blocking the store using powershell, we need to follow the below steps:
  1. Go to intune.microsoft.com
  2. Go to Devices > Windows > Powershell scripts > Add.


  3. On the "Basics" page, give this powershell script a name and description and hit next.
  4. On the "Script Settings" page, for "Script location", you can upload my powershell script which is available at my GitHub here:
    https://github.com/skoul27/msftblock/blob/main/blockmsftstore.ps1
  5. Again on the "Basics" page, you can use the following settings



  6. On the "Assignments" page, you can Include it for "All devices" or however you like it. That's it!


Behavior of blocking the Microsoft Store using this Powershell script.

When the user tries to open the Microsoft Store, it will open but the user will see a message "Microsoft Store is blocked. Check with your IT or System Administrator."

This creates the following registry in users device:




Here's a quick gif for your reference:


Pros and Cons of this Powershell script:

Pros: The Microsoft Store will be blocked and the users can only install the apps which are managed and approved from the Company Portal application. EVEN the "Microsoft Store app (new)" type of deployment will work for both Win32 and UWP apps now! Unbeliveble right? Here's a screenshot for your insecure ass 😉


Cons: Can't find any, let me know in the comments if you have anything 😉
Shivam Koul

Posted by Shivam Koul

Hello I'm Shivam Koul. I'm thrilled to introduce myself as a tech writer with a passion for all things gadgets and gaming. I've always been fascinated by technology. But my interests don't stop there. I'm also a fan of enterprise technology and enjoy keeping up with the latest advancements in Microsoft Intune and System Center Configuration Manager (SCCM). I find it incredibly satisfying to explore these technologies and share my knowledge with others to help them optimize their productivity in the workplace.

Post a Comment

0 Comments