WATYF <WATYF1@gmail.c omwrote in
news:eb43eb6a-afaa-4e39-ac0b-850afdb6d1e4@r6 6g2000hsg.googl egroups.com:
[snip]
>>
[snip]
>
>
How would I use caspol to do this? I tried running it from command
line, but I got an "access denied" message.
>
>
Basically, I just need to tell ".NET" that any assembly that exists on
the drive mapped like so: ( share on 'sub.corpdomain .org\shares' )
belongs to the IntRAnet zone, not the IntERnet zone. How do I do
this??
>
>
WATYF
>
It gets complicated. First, a reference:
You might also try a:
<dotnetframewor kpath\caspol.ex e -list | more
to see what _they_ mean by the groups (some of which share names with
more familiar IE groups).
So, my .Net 2.0 program, to get to run from a network share, required
several things. First, the person setting up for remote access was a
local admin on the box. Power User might work, I'm not sure. The user
has to be able to modify local security policies, though, because that's
what caspol does. Second, they required caspol.exe, which is usually in
c:\windows\micr osoft.net\frame work\v<version> \CasPol.exe. Note that if
side-by-side versions of .Net are installed then you must use the one
that corresponds with the version of .Net framework your program uses.
Then I wrote this command file:
@echo off
echo y|c:\windows\mi crosoft.net\fra meowrk\v2.0.507 27\caspol.exe -m -ag
1.2 -url file://server/sharename/path/to/my/program/* FullTrust
exit
That echo y| thing is all one easy-to-read line. -ag 1.2 is AddGroup for
the Zone - Intranet: LocalIntranet, which is how intranet shares are
classified. The 1.2 is easily found in the first few lines of caspol -
list | more.
Google is your friend. Also, I should have named my entry because I seem
to be getting multiple entries, one per program update. Also, every user
must rerun the caspol command file each time your program version is
updated because that's part of the security (note that the * in my
example allows _all_ code from that location to be run, not necessarily
very secure).
I found my example using google, hopefully this is enough to get you
going.
--
The email address, above, is most certainly munged. Perhaps you
might reply to the newsgroup, instead? Thanks!
news:eb43eb6a-afaa-4e39-ac0b-850afdb6d1e4@r6 6g2000hsg.googl egroups.com:
On May 18, 2:20 pm, james <men...@arisia. invalid.orgwrot e:
>WATYF <WAT...@gmail.c omwrote
>innews:b49180b 8-f865-4aae-aa4c-6896e6d9f3c8@l6 4g2000hse.googl egroups.c
>om:
>>
>>
>>
>innews:b49180b 8-f865-4aae-aa4c-6896e6d9f3c8@l6 4g2000hse.googl egroups.c
>om:
>>
>>
>>
So I had a problem recently... my .NET apps would no longer run
from a particular share, nor could I open them in VS.NET. See:
from a particular share, nor could I open them in VS.NET. See:
So I went into Internet Explorer's "zone" area and added the domain
that the network share is on to the "Intranet Sites" list.
that the network share is on to the "Intranet Sites" list.
But the problem still remains the same. I've got a network share
>IIRC, you need to be using caspol.exe rather than the zones set with
>Internet Explorer. That's what I had to do in my very similar case,
>anyway.
>>
>Good luck!
>>
>--
>The email address, above, is most certainly munged. Perhaps you
>might reply to the newsgroup, instead? Thanks!
>Internet Explorer. That's what I had to do in my very similar case,
>anyway.
>>
>Good luck!
>>
>--
>The email address, above, is most certainly munged. Perhaps you
>might reply to the newsgroup, instead? Thanks!
>
How would I use caspol to do this? I tried running it from command
line, but I got an "access denied" message.
>
>
Basically, I just need to tell ".NET" that any assembly that exists on
the drive mapped like so: ( share on 'sub.corpdomain .org\shares' )
belongs to the IntRAnet zone, not the IntERnet zone. How do I do
this??
>
>
WATYF
>
You might also try a:
<dotnetframewor kpath\caspol.ex e -list | more
to see what _they_ mean by the groups (some of which share names with
more familiar IE groups).
So, my .Net 2.0 program, to get to run from a network share, required
several things. First, the person setting up for remote access was a
local admin on the box. Power User might work, I'm not sure. The user
has to be able to modify local security policies, though, because that's
what caspol does. Second, they required caspol.exe, which is usually in
c:\windows\micr osoft.net\frame work\v<version> \CasPol.exe. Note that if
side-by-side versions of .Net are installed then you must use the one
that corresponds with the version of .Net framework your program uses.
Then I wrote this command file:
@echo off
echo y|c:\windows\mi crosoft.net\fra meowrk\v2.0.507 27\caspol.exe -m -ag
1.2 -url file://server/sharename/path/to/my/program/* FullTrust
exit
That echo y| thing is all one easy-to-read line. -ag 1.2 is AddGroup for
the Zone - Intranet: LocalIntranet, which is how intranet shares are
classified. The 1.2 is easily found in the first few lines of caspol -
list | more.
Google is your friend. Also, I should have named my entry because I seem
to be getting multiple entries, one per program update. Also, every user
must rerun the caspol command file each time your program version is
updated because that's part of the security (note that the * in my
example allows _all_ code from that location to be run, not necessarily
very secure).
I found my example using google, hopefully this is enough to get you
going.
--
The email address, above, is most certainly munged. Perhaps you
might reply to the newsgroup, instead? Thanks!
Comment