Store Apps in Intune

By Rory Monaghan


Anyone who listens to my podcast each week, will know that I have been covering the store app feature for Intune for months now. The feature has now arrived into general availability with the December Intune update. Store Apps accessed and deployed directly from Intune with Windows Package Manager as the feed sounds promising. Perhaps it could be an incentive for developers to embrace the Store and modernize their applications with the promise to enable enterprise customers to deploy their applications seamlessly across their organisations. That would be the dream, right? Is it perfect right out of the gate? No. Does it have potential? Absolutely! 

The Store Supports Traditional Win32 Apps to Bring Value to the Store

Microsoft previously announced support for  traditional Win32 apps in the Microsoft Store. This is a good move by Microsoft to try to get more high value and quality applications available to customers via the Store and by enabling customers to deploy Store apps via Intune there is a potential to cut out the middle man entirely. No packaging required…but at least with the initial release of the Store Apps in Intune that isn’t reality…

Figure 1 – Adding Store App in Intune

The current iteration, does not provide a means to apply customisations, which many large enterprises in particular will require for standardisation purposes. Competing services such as Patch My PC currently provide auto updating all the applications, but with the ability to apply your own customisations on top of the vendor installer.  Which one could argue makes it more valuable for managing 3rd party applications and their updates in enterprise than the just launched Store Apps in Intune.

Is Applying Customisations to Packages Part of a Modern Application Management Approach?

To look at this with an eye on the future. One could argue applying customisations at the package level may become a thing of the past. Perhaps, applying customisations and passing customer specific configurations such as license keys, environment variables, database connection strings etc. Could all be set using modern policies…but as of right now that is not the case.

Figure 2 – Configuration Settings in Intune

Intune for Application Management

The elephant in the room when it comes to using Intune for application management is performance issues. Net new application deployments can take hours to complete. When testing using store apps., this still appears to be the case, at least when using a standard default configuration of Intune. I should state while I did test with Win32 Apps that are in the Store – Support for Win32 Apps in the Store with the Intune integration is currently in preview so maybe performance will improve once stable.

I brought deployment times for net new packages on Twitter in the past and got a reply from a man based in Europe stating his org was lucky when applications deployed to devices within 24 hours! For some End User Computing teams, particularly those who used traditional tools for managing physical endpoints – the slow deployment times may not seem like a big deal. This may be par for the course. Unfortunately, some Desktop Admins had to become somewhat accustomed to never knowing how long an application deployment would take to reach all targeted devices and usually scheduled deployments with an assumption that a certain percentage of installs would fail. While it is great that there are more options for deploying applications in Intune, performance must improve. Unfortunately on the reliability front, I believe deploying Win32 apps will not help reduce install failures.

The App Debate

It is unfortunate that progress for the architecture of Windows packages has been halted per se by Microsoft bringing support for Win32 package formats that are over 20 years old into the Store. The grim reality is developers have not been embracing UWP and MSIX the way some of us would have hoped. Unless Microsoft force end-of-life for Windows Installer and remove it from the Operating System (which I believe is not possible) , I can’t see how they will convince developers to move to MSIX quicker and if Microsoft wants more high quality applications in the store they must support the package formats developers and vendors are using, which is still mostly MSI. Bringing support for deploying apps straight from the store via Intune would’ve had little fanfare if the Store only had UWP apps that the enterprise don’t use! As I see it, Microsoft is stuck between a rock and a hard place:

They can’t kill off Windows Installer to force developers to use more modern formats. Since developers have not been developing into those modern formats, the Store was looking a little poor but now supporting Win32 apps, is almost like an endorsement to keep developing them. Is this the right thing to do?…maybe it is!?

What Would I Like to See in the Future?

It is time to poop or get off the pot. If Win32 apps are the future, Windows Installers should receive more new features and updates.

For the Intune Store Apps feature, I feel like Microsoft should do a major cleanup on the Windows Package Manager repository, there are so many junkie applications in the service, as well as some worrying looking fakes/impersonators. Some applications simply don’t install properly! My desire for this to be cleaned up pre-dates this Intune feature, as I would like to use WinGet as a source for my own automated application packaging too.

I would also like to see greater consistency with Intune application deployment speed and greater visibility into the background process so administrators know when the applications are truly ready to deploy to user devices and estimate how long deployments will actually take to complete.

At the time of writing this post, I have been mostly unsuccessful when importing 3rd party GPO Administrative Templates into Intune and very few  3rd party apps have modern policy settings available. This would need to be fixed in future to potentially reduce the need for repackaging of applications.

The most obvious feature that is missing is the ability to customise the applications before deploying just like customers currently get with Patch My PC. In an even more ideal world, Microsoft would provide a modern Windows package format that works for ALL applications. One that would not take a lot of time and effort for developers to adopt in their release process. One that doesn’t suffer from a relatively high failure rate on install and uninstall and one that improves the end user experience, developer experience and IT admin experience!

Let's make virtualization easier!

Be amongst the first to know when I publish new reviews, guides and tools to simplify your projects.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.