MDM are becoming the future of Group Policy Objects (GPO). This allows admins, to deploy company policies to computers all over the world. Without the need to access a network through VPN or by connecting on site for the users.
I wondered how to disable the public windows store with intune, but let the users use the private company store (Windows Business Store).
Here is how.
First, you need to create a new MDM :
- Add a name for your MDM
- Add a description
- Platform : Windows 10 and later
- Profile type : Custom
- Name : RequireOnlyPrivateStore
- Description : Custom OMA-URI to allow only private store
- OMA-URI : ./User/Vendor/MSFT/Policy/Config/ApplicationManagement/RequirePrivateStoreOnly
- Data Type : Integer
- Value : 1
- Save and Assign the policy to all user or a selected groups.
For all users, Public store will disappear and let only the private store to be shown. This allows the admins to manage which apps the users can install on they computers.
Good morning, Karl,
Do you know how to remove the toast notification icon next to the clock? And block user-installed programs like Google Chrome that do not require administrator privileges. And how to enable CTRL+ALT+DEL in the interactive logon. Are there also AMO-URI for this? Thank you for your help.
Hi Guillaume,
That’s a lot of interesting questions! 🙂
You can enable interactive logon with OMA-URI ./Vendor/MSFT/Policy/Config/LocalPoliciesSecurityOptions/InteractiveLogon_DoNotRequireCTRLALTDEL
You can allow trusted apps with the OMA-URI ApplicationManagement/AllowTrustedApps
You can’t remove toast notification icon because its where the user enable wifi, bluetooth and access some parameters but you can disable notifications tile with Notifications/DisallowTileNotifications
Hope this helps you.
Regards,
Karl
Hi Karl,
Can you please help to block the windows store permanently, we have tried multiple ways but not working.
Hi Satyendra,
Have you tried ADMX backed MDM (ADMX_WindowsStore/RemoveWindowsStore_1 and/or ADMX_WindowsStore/RemoveWindowsStore_2) ?
https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-admx-windowsstore#admx-windowsstore-removewindowsstore-1
Ensure you have the Enterprise edition of Windows 10.
Best regards,
Karl