How to Use AppLocker to Block Microsoft Store Apps from Running in Windows 10


AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.

Packaged apps are also known as Universal Windows Platform (UWP) apps from the Microsoft Store or already included with Windows 10.

See also:

This tutorial will show you how to use AppLocker to block specified Microsoft Store apps from running for all or specific users and groups in Windows 10 Enterprise and Windows 10 Education.

You must be signed in as an administrator to use AppLocker.



EXAMPLE: "This app has been blocked by your system administrator" message when any user opens a blocked app
Use AppLocker to Block Microsoft Store Apps in Windows 10-this_app_has_been_blocked_by_your_system_administrator.jpg



Here's How:

1 Open an elevated command prompt.

2 Copy and paste the command below into the elevated command prompt, press Enter, and close the elevated command prompt when it has finished. (see screenshot below)

This command is to make sure the Application Identity service is enabled, set to Automatic, and running. AppLocker cannot enforce rules if this service is not running.

sc config "AppIDSvc" start=auto & net start "AppIDSvc"

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-1.png

3 Open Local Security Policy (secpol.msc).

4 Expand open Application Control Policies in the left pane of the Local Security Policy window, click/tap on AppLocker, and click/tap on the Configure rule enforcement link on the right side. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-2.jpg

5 Check the Configured box under Packaged app Rules, and click/tap on OK. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-3.png

6 Expand open AppLocker in the left pane of the Local Security Policy window, right click or press and hold on Packaged app Rules, and click/tap on Create Default Rules. (see screenshots below)

If this step is not done, AppLocker will block all Microsoft Store apps from running.

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-4.jpg Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-5.jpg

7 Right click or press and hold on Packaged app Rules, and click/tap on Create New Rule. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-6.jpg

8 Click/tap on Next. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-7.jpg

9 If you would like to specify a user or group to enforce this rule on, click/tap on Select. (see screenshot below)

The default setting is Everyone for all users and groups.

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-.jpg

A) Click/tap on the Advanced button. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-b.png

B) Click/tap on the Find Now button. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-c.png

C) Select a user or group you want, and click/tap on OK. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-d.jpg

D) Click/tap on OK. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-e.png

10 Select (dot) Deny, and click/tap on Next. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-8.jpg

11 Select (dot) Use an installed packaged app as a reference, and click/tap on Select. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-9.jpg

12 Check an app (ex: "Your Phone") you want to block, and click/tap on OK. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-10.jpg

13 Click/tap on Next. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-11.jpg

14 Click/tap on Next. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-12.jpg

15 Click/tap on Create. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-13.jpg

16 Your new rule for "Packaged app Rules" will now be created. (see screenshot below)

Use AppLocker to Block Microsoft Store Apps in Windows 10-block_microsoft_store_app_in_applocker-14.jpg

17 Repeat steps 7 to 16 if you would like to create another new rule to block a different Microsoft Store app (aka: packaged app) for a user or group.

18 When finished, you can close the Local Security Policy window.


That's it,
Shawn Brink


Related Tutorials



  • Windows 11 Tutorials