WATYF <WA****@gmail.c omwrote in
news:eb******** *************** ***********@r66 g2000hsg.google groups.com:
On May 18, 2:20 pm, james <men...@arisia. invalid.orgwrot e:
>WATYF <WAT...@gmail.c omwrote
innews:b4***** *************** **************@ l64g2000hse.goo glegroups.c
om:
So I had a problem recently... my .NET apps would no longer run
from a particular share, nor could I open them in VS.NET. See:
[snip]
So I went into Internet Explorer's "zone" area and added the domain
that the network share is on to the "Intranet Sites" list.
But the problem still remains the same. I've got a network share
[snip]
>IIRC, you need to be using caspol.exe rather than the zones set with
Internet Explorer. That's what I had to do in my very similar case,
anyway.
Good luck!
--
The email address, above, is most certainly munged. Perhaps you
might reply to the newsgroup, instead? Thanks!
How would I use caspol to do this? I tried running it from command
line, but I got an "access denied" message.
Basically, I just need to tell ".NET" that any assembly that exists on
the drive mapped like so: ( share on 'sub.corpdomain .org\shares' )
belongs to the IntRAnet zone, not the IntERnet zone. How do I do
this??
WATYF
It gets complicated. First, a reference: http://msdn.microsoft.com/en-us/libr...tz(VS.80).aspx
You might also try a:
<dotnetframewor kpath\caspol.ex e -list | more
to see what _they_ mean by the groups (some of which share names with
more familiar IE groups).
So, my .Net 2.0 program, to get to run from a network share, required
several things. First, the person setting up for remote access was a
local admin on the box. Power User might work, I'm not sure. The user
has to be able to modify local security policies, though, because that's
what caspol does. Second, they required caspol.exe, which is usually in
c:\windows\micr osoft.net\frame work\v<version> \CasPol.exe. Note that if
side-by-side versions of .Net are installed then you must use the one
that corresponds with the version of .Net framework your program uses.
Then I wrote this command file:
@echo off
echo y|c:\windows\mi crosoft.net\fra meowrk\v2.0.507 27\caspol.exe -m -ag
1.2 -url file://server/sharename/path/to/my/program/* FullTrust
exit
That echo y| thing is all one easy-to-read line. -ag 1.2 is AddGroup for
the Zone - Intranet: LocalIntranet, which is how intranet shares are
classified. The 1.2 is easily found in the first few lines of caspol -
list | more.
Google is your friend. Also, I should have named my entry because I seem
to be getting multiple entries, one per program update. Also, every user
must rerun the caspol command file each time your program version is
updated because that's part of the security (note that the * in my
example allows _all_ code from that location to be run, not necessarily
very secure).
I found my example using google, hopefully this is enough to get you
going.
--
The email address, above, is most certainly munged. Perhaps you
might reply to the newsgroup, instead? Thanks! 3  3133 
On May 21, 1:18 am, james <men...@arisia. invalid.orgwrot e:
WATYF <WAT...@gmail.c omwrote innews:eb****** *************** *************@r 66g2000hsg.goog legroups.com:
On May 18, 2:20 pm, james <men...@arisia. invalid.orgwrot e:
WATYF <WAT...@gmail.c omwrote
innews:b4****** *************** *************@l 64g2000hse.goog legroups.c
om:
So I had a problem recently... my .NET apps would no longer run
from a particular share, nor could I open them in VS.NET. See:
[snip]
So I went into Internet Explorer's "zone" area and added the domain
that the network share is on to the "Intranet Sites" list.
But the problem still remains the same. I've got a network share
[snip]
IIRC, you need to be using caspol.exe rather than the zones set with
Internet Explorer. That's what I had to do in my very similar case,
anyway.
Good luck!
--
The email address, above, is most certainly munged. Perhaps you
might reply to the newsgroup, instead? Thanks!
How would I use caspol to do this? I tried running it from command
line, but I got an "access denied" message.
Basically, I just need to tell ".NET" that any assembly that exists on
the drive mapped like so: ( share on 'sub.corpdomain .org\shares' )
belongs to the IntRAnet zone, not the IntERnet zone. How do I do
this??
WATYF
It gets complicated. First, a reference:http://msdn.microsoft.com/en-us/libr...tz(VS.80).aspx
You might also try a:
<dotnetframewor kpath\caspol.ex e -list | more
to see what _they_ mean by the groups (some of which share names with
more familiar IE groups).
So, my .Net 2.0 program, to get to run from a network share, required
several things. First, the person setting up for remote access was a
local admin on the box. Power User might work, I'm not sure. The user
has to be able to modify local security policies, though, because that's
what caspol does. Second, they required caspol.exe, which is usually in
c:\windows\micr osoft.net\frame work\v<version> \CasPol.exe. Note that if
side-by-side versions of .Net are installed then you must use the one
that corresponds with the version of .Net framework your program uses.
Then I wrote this command file:
@echo off
echo y|c:\windows\mi crosoft.net\fra meowrk\v2.0.507 27\caspol.exe -m -ag
1.2 -url file://server/sharename/path/to/my/program/* FullTrust
exit
That echo y| thing is all one easy-to-read line. -ag 1.2 is AddGroup for
the Zone - Intranet: LocalIntranet, which is how intranet shares are
classified. The 1.2 is easily found in the first few lines of caspol -
list | more.
Google is your friend. Also, I should have named my entry because I seem
to be getting multiple entries, one per program update. Also, every user
must rerun the caspol command file each time your program version is
updated because that's part of the security (note that the * in my
example allows _all_ code from that location to be run, not necessarily
very secure).
I found my example using google, hopefully this is enough to get you
going.
--
The email address, above, is most certainly munged. Perhaps you
might reply to the newsgroup, instead? Thanks!
Hi there. I appreciate the response. I have, of course, been using
Google to find the answer to this, but it hasn't returned any useful
results as yet. And while your example seemed very promising at first,
unfortunately it doesn't solve my problem.
What you're doing is making a share trusted... which I had already
done, and which was already working well for quite some time. The
issue arose when my IT dept decided to change the way the share is
mapped. It is no longer mapped using the UNC path (\\server\share
\subfolder\). It is now mapped using a domain (sub.corpdomain .org\share
\subfolder). It is this method of mapping that causes the problem,
because, apparently, it doesn't see that share as a network share, but
rather as an internet URL (which is why it puts it in the Internet
zone).
My problem lies with telling .NET that all apps at that URL are
trusted.
WATYF
On May 29, 10:15 am, WATYF <WAT...@gmail.c omwrote:
On May 21, 1:18 am, james <men...@arisia. invalid.orgwrot e:
WATYF <WAT...@gmail.c omwrote innews:eb****** *************** *************@r 66g2000hsg.goog legroups.com:
On May 18, 2:20 pm, james <men...@arisia. invalid.orgwrot e:
>WATYF <WAT...@gmail.c omwrote
>innews:b4***** *************** **************@ l64g2000hse.goo glegroups.c
>om:
So I had a problem recently... my .NET apps would no longer run
from a particular share, nor could I open them in VS.NET. See:
[snip]
So I went into Internet Explorer's "zone" area and added the domain
that the network share is on to the "Intranet Sites" list.
But the problem still remains the same. I've got a network share
[snip]
>IIRC, you need to be using caspol.exe rather than the zones set with
>Internet Explorer. That's what I had to do in my very similar case,
>anyway.
>Good luck!
>--
>The email address, above, is most certainly munged. Perhaps you
>might reply to the newsgroup, instead? Thanks!
How would I use caspol to do this? I tried running it from command
line, but I got an "access denied" message.
Basically, I just need to tell ".NET" that any assembly that exists on
the drive mapped like so: ( share on 'sub.corpdomain .org\shares' )
belongs to the IntRAnet zone, not the IntERnet zone. How do I do
this??
WATYF
It gets complicated. First, a reference:http://msdn.microsoft.com/en-us/libr...tz(VS.80).aspx
You might also try a:
<dotnetframewor kpath\caspol.ex e -list | more
to see what _they_ mean by the groups (some of which share names with
more familiar IE groups).
So, my .Net 2.0 program, to get to run from a network share, required
several things. First, the person setting up for remote access was a
local admin on the box. Power User might work, I'm not sure. The user
has to be able to modify local security policies, though, because that's
what caspol does. Second, they required caspol.exe, which is usually in
c:\windows\micr osoft.net\frame work\v<version> \CasPol.exe. Note that if
side-by-side versions of .Net are installed then you must use the one
that corresponds with the version of .Net framework your program uses.
Then I wrote this command file:
@echo off
echo y|c:\windows\mi crosoft.net\fra meowrk\v2.0.507 27\caspol.exe -m -ag
1.2 -url file://server/sharename/path/to/my/program/* FullTrust
exit
That echo y| thing is all one easy-to-read line. -ag 1.2 is AddGroup for
the Zone - Intranet: LocalIntranet, which is how intranet shares are
classified. The 1.2 is easily found in the first few lines of caspol -
list | more.
Google is your friend. Also, I should have named my entry because I seem
to be getting multiple entries, one per program update. Also, every user
must rerun the caspol command file each time your program version is
updated because that's part of the security (note that the * in my
example allows _all_ code from that location to be run, not necessarily
very secure).
I found my example using google, hopefully this is enough to get you
going.
--
The email address, above, is most certainly munged. Perhaps you
might reply to the newsgroup, instead? Thanks!
Hi there. I appreciate the response. I have, of course, been using
Google to find the answer to this, but it hasn't returned any useful
results as yet. And while your example seemed very promising at first,
unfortunately it doesn't solve my problem.
What you're doing is making a share trusted... which I had already
done, and which was already working well for quite some time. The
issue arose when my IT dept decided to change the way the share is
mapped. It is no longer mapped using the UNC path (\\server\share
\subfolder\). It is now mapped using a domain (sub.corpdomain .org\share
\subfolder). It is this method of mapping that causes the problem,
because, apparently, it doesn't see that share as a network share, but
rather as an internet URL (which is why it puts it in the Internet
zone).
My problem lies with telling .NET that all apps at that URL are
trusted.
WATYF
Well... I mostly found a solution for this.
I tried a million different ways from Sunday to add the domain
(sub.corpdomain .org) as a trusted URL (I used -url, I used -site, with
wildcards, without wildcards, I added the group at the All Code level,
at the Intranet level, at the Internet level, etc) but nothing
worked... so I decided to try the actual drive letter (since this
particular share is always mapped to the same letter)... and lo and
behold... it worked.
So here's what the syntax for caspol would be:
caspol -m -url file:\\Z:/* FullTrust
(where "Z" is the drive letter).
You can do this in the .NET 2.0 configuration tool as well (go to
Runtime Security Policy Machine Code Groups All_Code and add a
new group for URL using that same url (file:\\Z:/*).
Note that I didn't add it at the Intranet level...that's because this
share wasn't showing up in the Intranet level (since that's the source
of my problem in the first place). You could also add this group to
the Internet zone, but I want this to affect all code, even stuff that
somehow falls under another zone (since it used to run as Intranet and
now runs as Internet, I don't want to have to worry about it switching
back and breaking this configuration).
WATYF
Crap... I switched up the slashes... the URL would be:
file://Z:\*
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Jawahar Rajan |
last post by:
All,
I am working on a project that requires the companies clients to login to
our web site.
however for employees of the companies they do not want to have a login. But
a lot of the asp pages that I have depend on the login being successful
because it return some values about the user privileges etc.
I am thus allowing company employees...
|
by: Rob Locher |
last post by:
I have a server running NT 4 Server that is on my local domain that
hosts an ASP application. I have a problem: when I try to test the
ASP application from a computer on the same domain running IE6 on
Windows 2000, the browser will not store the session key. Computers
running other versions of Internet Explorer store the session key.
When I...
|
by: Stephanie Stowe |
last post by:
I am new to ASP.NET having come from ASP classic background. I need to
understand authentication. I have a server running IIS which contains an
ASP.NET app. On IIS the app has both anonymous and Windows Integrated
Authentication enabled. In the ASP.NET app, the web.config file contains
<authentication mode="Windows" />
The help on this...
|
by: Tim Greenfield |
last post by:
Hello,
Maybe this is old news to some of you but I discovered a really cool
feature... if you put a .NET exe on your web site you can load it from a
client machine by just running the URL. For example:
http://www.myserver.com/something/test.exe
No Open or Save As dialogs... it just runs like a web page would.
It will even grab dependency...
|
by: RSH |
last post by:
I am having a bit of trouble filling a datatable with a query. I'm getting
the error message:
System.FormatException: String was not recognized as a valid DateTime. at
System.DateTimeParse.Parse(String s, DateTimeFormatInfo dtfi, DateTimeStyles
styles) at System.DateTime.Parse(String s, IFormatProvider provider,
DateTimeStyles styles) at...
| | |
by: gbraux |
last post by:
Hello,
I am dealing with security zones in Internet Explorer.
I know how to add websites programaticaly to the intranet zone (using
IInternetSecurityManager::SetZoneMapping).
But do anyone know how to check/uncheck programaticaly the "Require
server verification (https:) from all sites in this zone" ?
I looked all over MSDN, but do not...
|
by: =?Utf-8?B?RFhSaWNr?= |
last post by:
The MCTS 70-536 book tells you to invoke your assembly using the loop-back
URL, so you can make it think it is running in the intranet zone for security
tests.
The book tells you to run commands with the loop-back URL 127.0.0.1. I
cannot get any of them to work on my computer. One of them is for exercise 3
of chapter 5. Here are the...
|
by: WATYF |
last post by:
On May 16, 2:21 pm, qglyirnyf...@mailinator.com wrote:
Using the "Evaluate Assembly" tool, I can see that all assemblies on
this particular share are showing up as being in the "Internet Zone".
But I already knew this (see previous post linked above).
WATYF
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it. ...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
| | |
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
| |
