• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 306
  • Last Modified:

.NET Security

How to Configure the Code Access Security Policy for .NET



All .NET Applications run on the local machine with no problem as this is the default setting.


However, such is not the case with .NET Applications placed on the Intranet shares.  Attempting to do so will result in Security Exceptions being raised when these applications are run.


To get rid of this problem do the following:


1)      Under Control Panel double-click on Administrative Tools.

2)      In Administrative Tools double-click on Microsoft .NET Framework 1.1 Configuration.

3)      Once this program opens click on the link for Configure Code Access Security Policy.

4)      On the next screen click Adjust Zone Security.

5)      Make changes to This Computer.

6)      Click on the icon for Local Intranet.

7)      Move the Trust Level to Full Trust and click Next…then Next again…then Finish.


Applications places on the Intranet should now run without having Security Exceptions raised.


Is there a better way to be handling this?

Can issues like this be configured or resolved during the INSTALL?

Tom Knowlton
Tom Knowlton
  • 2
  • 2
1 Solution
Yes this can be configured during the Install.

The way you do this is you take a fresh computer with default Code Policy rules.

Follow the instructions above, exception on the 'Enterprise' section rather than the computer.

Once the above you listed is done, save it etc etc and now. WIthin the .NET Configuration window do the following:

-  Right Click on the 'Runtime Security Policy' object

- Select 'Create Deployment Package'

- Make sure enterprise is selected, and select a name for your package and click next and finish.


Now you have a .msi installer package that will propigate your Security policy to any machine it is run on.  You can *EASILY* deploy this package via the Active Directory Application Deployment (2k or 2k3), or you can do it with a start script or system-to-system.

Needless to say, this is how you propigate global assembly cache and runtime trusts throughout a large enterprise network.  You can do that for runtime trusts, global assembly cache settings, etc.  And it is all with a .msi package you can silently install, via the domain or with other applications if you wish.

Hope that helps!!!

Tom KnowltonWeb developerAuthor Commented:
How interesting!!!!!
Tom KnowltonWeb developerAuthor Commented:
I added a few more points for your trouble!
Glad I could help :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now