Essentially what they are asking you to do is deploy .Net security policies
on your machines such that someone could run a .Net app from a network
drive. By default, that is not allowed an results in a .Net security
exception. When you install the .Net framework on a machine, it installs an
MMC snap-in called Microsoft .Net Framework Configuration--you should see it
under Administrative Tools. Within that snap-in you would select the option
to "Configure Code Access Security Policy". From there you can adjust
Framework security settings to allow any apps run from the Local Intranet
Zone to have Full Trust (or whatever is appropriate). From within that
dialog, there is an option to create a Deployment Package. Essentially what
that does is create an .MSI file that contains these security policy
settings. You would then take that resulting .MSI file and use GP Software
Installation policy to deploy it to your client machines. Once installed, it
will modify their .Net framework security settings on those machines.
Darren
--
Darren Mar-Elia
MS-MVP-Windows Server--Group Policy
Script Group Policy Settings with the GPExpert Scripting Toolkit for
PowerShell!
Find out more at
http://www.sdmsoftware.com/products2.php
Visit the GPOGUY:
http://www.gpoguy.com -- The Windows Group Policy
Information Hub:
FAQs, Training Videos, Whitepapers and Utilities for all things Group
Policy-related
"Noob" <jm********@phillipsmfg.comwrote in message
news:11**********************@g4g2000hsf.googlegro ups.com...
They want me to: "Please research an AD setting that would allow us
to have .net programs on a network drive but not have to run the
caspol or gack commands, as we have done before"
They run: "CALL "%systemroot%\microsoft.net\framework
\v1.1.4322\caspol.exe" -pp off -machine -ag LocalIntranet_Zone -url
file:k:/* FullTrust -name AgilitydotNet"
Where do I even begin to look at making this change in the AD and or
Policies?
~Noob~
