Windows 8: Prevent other Users from accessing Windows Store Apps with AppLocker

By -

You all must be aware of Windows Applocker, which blocks users from installing or using certain apps. This feature was introduced since the evolution of Windows 7 and is now improved with many new added features in Windows 8. This feature gives the absolute right to administrator of the system to limit the access of certain features for the other users on the computer. Here is the tutorial about Applocker in Windows 8.

Block Apps using AppLocker in Windows 8

If you are the Admin for your system that have a multiple, using AppLocker you can block or allow certain users or user groups from installing or using certain applications. You can take the help of black-listing rules or white-listing rules to achieve this result. But, AppLocker allows you to set the limit, like which applications and files the other users can execute. This includes executable files, scripts, Windows Installer files, DLLs, Packaged apps, packaged app installers and many more.

app blocked

AppLocker in Windows 8 as mentioned earlier now embeds many interesting features, for instance it now allows you block legacy as well as Windows Store apps.

How to Block Apps using AppLocker in Windows 8?

If you want to prevent users from installing or running Windows Store Apps on your Windows 8 system using Applocker, follow the steps given below.

  • Press Windows key + R to open the RUN dialog box
  • Type in secpol.msc and hit Enter to open the Local Security Policy Editor

local security policy applocker

  • Under the console tree, navigate to Security Settings > Application Control Policies > AppLocker
  • Now, select where you want to create the rule. This may possibly be for an Executable, Windows Installer, Scripts or in the case of Windows 8, a Windows Store packaged app.
    For example, if you want to create a rule for Packaged apps, then simply right-click on Packaged apps and select Create Rule. This will get a Before You Begin page

before you begin applocker

  • Click Next to reach the Permissions page

permissions applocker

  • In this page, select the action viz. Allow or Deny and the User or User Group you want the rule to apply. Click Next to reach the Conditions page

conditions applocker

  • Here is how you want to create the rules – base on Publishers, File Path or Has. For instance, if you choose Publishers, which is a default one. Now click on Next to reach the Publisher page

publisher applocker

  • In the publisher page itself you can browse and choose a Reference for the Packaged app and set as a Scope for the rule.
    Settings for Scope include:
    Applies to Any publisher
    Applies to a specific Publisher
    Applies to a Package name
    Applies to a Package version
    Applying custom values to the rule
    The options for Reference include:
    Use an installed packaged app as a reference
    Use a packaged app installer as a reference
  • Once you have made your selections, again click on Next.

There are other features like if you wish to exclude the rules, go to the Exceptions page and specify conditions. You can create a name or accept the name generated automatically under Name and Description page.

Before running AppLocker on your system make sure that the Identity service for the App is running on the system. Windows 8 has disabled Group Policy Client service, gpsvc, which is essential for running AppLOcker by default. To enable the feature go to services.msc.

The difference between AppLocker in Windows 8 & Windows 7 OS is that Windows 8 installed Applocker allows you to create rules for Packaged Windows Store apps. In addition to this it can control the .mst and .appx file formats.

Upon blocking any App with Applocker , when the user start any Windows Store app or try installing any kind of software gets a prompt “This app has been blocked by your system administrator, you will have to contact your Administrator and ask him to create rules to allow you to use (or install) the software.”

app blocked message

Now you no longer have to worry about the installation of useless software from the other users and no need to worry when the other users are accessing the device.


Priyanka contributes to the Computer and Gadgets section on Techcular.

Leave a Reply

Your email address will not be published. Required fields are marked *

What is 5 + 6 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)