No .Net 2.0 Configuration Tool
arti
exceptions. I realize that I need to adjust the security policy. But every
place I look says to use the "Microsoft .Net Framework Configuration Tool"
which is located in the Administrative Tools. But in fact there is no
"Microsoft .Net Framework Configuration tool" or anything like that on this
PC. I am signed on as Administrator.
How can I adjust the security so that my application can run on this PC?
Thanks.
Claus Konrad
longhaired approach.
At my pc (XP Prof.), the tool which is an mmc-snapin is found here:
"C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin\mscorcfg.msc"
/Claus
"arti" <myste...@artechnology.com> wrote in message
news:%23RjB$9jBGH...@TK2MSFTNGP14.phx.gbl...
Dominick Baier [DevelopMentor]
the GUI only gets installed with the SDK - the plain redist package does
not contain it anymore..
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
arti
the "command-line tool" Caspol (are we still in the 80s?) I don't even see
how to do that. Here is why:
It is located here:
"C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Caspol.exe". When you install
the plain redist package it does not add that to the Path environment
variable. So I have two options:
1. Include the full path in a batch file that I have to run everywhere (of
course some PCs have Windows installed in WINNT and some use WINDOWS) which
is a kludge
2. Do it manually from the command line. Except that you can't do this.
Why? Open a command window and type "CD \WINNT\Microsoft.NET" and you get
"Invalid directory."
Can anyone offer any suggestions as to how I can make this something other
than a big pain?
Thanks!
"Dominick Baier [DevelopMentor]" <dba...@pleasepleasenospamdevelop.com>
wrote in message news:4580be63174f28...@news.microsoft.com...
Claus Konrad
I wonder if you have an Visual Studio Command Prompt? This guy has the
nesseceary settings to call Caspol.exe.Alternatively locate vcvars32.bat and
run that; it should set the appropriate settings.
Now - Caspol is a beast of it's own without the UI.
the syntax is like this:
Usage: caspol <option> <args> ...
caspol -m[achine]
Modifier that makes additional commands act on the machine level
caspol -u[ser]
Modifier that makes additional commands act on the user level
caspol -en[terprise]
Modifier that makes additional commands act on the enterprise level
caspol -cu
caspol -customuser <path>
Modifier that makes additional commands act on the custom user level
caspol -a[ll]
Set all policy levels as the active levels
caspol -ca
caspol -customall <path>
Modifier that makes additional commands act on all levels as a custom
user
caspol -l[ist]
List code groups & permission sets
caspol -lg
caspol -listgroups
List code groups
caspol -lp
caspol -listpset
List permission sets
caspol -lf
caspol -listfulltrust
List full trust assemblies
caspol -ld
caspol -listdescription
List code group names and descriptions
caspol -ap
caspol -addpset { <named_xml_file> | <xml_file> <name> }
Add named permission set to policy level
caspol -cp
caspol -chgpset <xml_file> <pset_name>
Change named permission set in active level
caspol -rp
caspol -rempset <pset_name>
Remove a named permission set from the policy level
caspol -af
caspol -addfulltrust <assembly_name>
Add full trust assembly to policy level
caspol -rf
caspol -remfulltrust <assembly_name>
Remove a full trust assembly from the policy level
caspol -rg
caspol -remgroup <label|name>
Remove code group at <label|name>
caspol -cg
caspol -chggroup <label|name> {<mship>|<pset_name>|<flag>}+
Change code group at <label|name> to given membership,
permission set, or flags
caspol -ag
caspol -addgroup <parent_label|name> <mship> <pset_name> <flag>
Add code group to <parent_label|name> with given membership,
permission set, and flags
caspol -rsg
caspol -resolvegroup <assembly_name>
List code groups this file belongs to
caspol -rsp
caspol -resolveperm <assembly_name>
List permissions granted to this file
caspol -s[ecurity] { on | off }
Turn security on or off
caspol -e[xecution] { on | off }
Enable/Disable checking for "right-to-run" on code execution start-up
caspol -pp
caspol -polchgprompt { on | off }
Enable/Disable policy change prompt
caspol -q[uiet]
Disable policy change prompt for this command
caspol -r[ecover]
Recover the most recently saved version of a level
"arti" <myste...@artechnology.com> wrote in message
news:e5XPaEwB...@TK2MSFTNGP14.phx.gbl...
Nicole Calinoiu
your batch files?
"arti" <myste...@artechnology.com> wrote in message
news:e5XPaEwB...@TK2MSFTNGP14.phx.gbl...
arti
you can do with the Configuration Tool.
For example, I can set the "Intranet Zone" to FullTrust easily wth the
Config Tool. But I do not see how to do this with CasPol.
I suppose the real problem I am having is that I just want an application to
run off of our internal network. But this seems awfully complicated with
.Net 2.0. With earlier versions I just opened the Config tool on each PC
and set Intranet to FullTrust. I have read all of the documentation and I
have to admit that I don't fully understand how exactly I should go about
this.
Thanks,
-- Brian
"Claus Konrad" <some> wrote in message
news:OqQbDNyB...@TK2MSFTNGP12.phx.gbl...
Claus Konrad
Well - something like this:
This is not the full and final script - but shows some testing.
Use the caspol -lg to see the labels of the individual groups (e.g. 1.2 is
Intranet_Zone).
--list groups
caspol -lg
-- add a new group
caspol -machine -addgroup 1.7 -url \\some\s LocalIntranet
--remove the group
caspol -machine -remgroup 1.7.2
--add full trhst to localintranet
caspol -machine -chggroup 1.2 FullTrust
/Claus
"arti" <myste...@artechnology.com> wrote in message
news:uo%23WkM6D...@TK2MSFTNGP10.phx.gbl...