How to block Windows Store or any other application with GPO

Last updated: Dec 10, 2022

In a company, as a responsible system administrator, you don't want to let your users install or run any programs on their computers (yes they are often poorly educated). Windows Store is a open door to this type of behavior, so it may be worthwhile to prevent it from running on the company's computers.

And this is exactly (how lucky you are…) what we will see in the following article. In fact this method can be used to block any application you want.

To do so, we will use the Software Restriction Policies.

Create Group Policy Object

From our Active Directory server we will create a new GPO.

Open Group Policy Manager console :

Launch Group Policy Management Console from Run window

Create a new GPO and link it to OU where you have your computers objects :

Create a new GPO from Group Policy Management

Give a name to the new GPO :

Edit the GPO :

Go to Computer Configuration > Policies > Windows Settings > Software Restriction Policies. Do a Right click New Software Restriction Policies

Add a New Software Restriction Policies from Group Policy Management Console

Then from Software Restriction Policies > Additional Rules

Add a new path rule from New Software Restriction Policies

Add «%programfiles%\WindowsApps\Microsoft.WindowsStore*» inside Path and select «Disallowed» in Security level :

New Path Rule Windows in Software Restriction Policies GPO

Open Windows Store

Once the strategy has been implemented, users will see this window appears in case they try to run Windows Store :

Computing

Music

Misc

How to block Windows Store or any other application with GPO

Create Group Policy Object

Open Windows Store