.NET Security

Posted on 2005-04-28
Last Modified: 2010-12-13
How to Configure the Code Access Security Policy for .NET



All .NET Applications run on the local machine with no problem as this is the default setting.


However, such is not the case with .NET Applications placed on the Intranet shares.  Attempting to do so will result in Security Exceptions being raised when these applications are run.


To get rid of this problem do the following:


1)      Under Control Panel double-click on Administrative Tools.

2)      In Administrative Tools double-click on Microsoft .NET Framework 1.1 Configuration.

3)      Once this program opens click on the link for Configure Code Access Security Policy.

4)      On the next screen click Adjust Zone Security.

5)      Make changes to This Computer.

6)      Click on the icon for Local Intranet.

7)      Move the Trust Level to Full Trust and click Next…then Next again…then Finish.


Applications places on the Intranet should now run without having Security Exceptions raised.


Is there a better way to be handling this?

Can issues like this be configured or resolved during the INSTALL?

Question by:knowlton
    LVL 4

    Accepted Solution

    Yes this can be configured during the Install.

    The way you do this is you take a fresh computer with default Code Policy rules.

    Follow the instructions above, exception on the 'Enterprise' section rather than the computer.

    Once the above you listed is done, save it etc etc and now. WIthin the .NET Configuration window do the following:

    -  Right Click on the 'Runtime Security Policy' object

    - Select 'Create Deployment Package'

    - Make sure enterprise is selected, and select a name for your package and click next and finish.


    Now you have a .msi installer package that will propigate your Security policy to any machine it is run on.  You can *EASILY* deploy this package via the Active Directory Application Deployment (2k or 2k3), or you can do it with a start script or system-to-system.

    Needless to say, this is how you propigate global assembly cache and runtime trusts throughout a large enterprise network.  You can do that for runtime trusts, global assembly cache settings, etc.  And it is all with a .msi package you can silently install, via the domain or with other applications if you wish.

    Hope that helps!!!

    LVL 5

    Author Comment

    How interesting!!!!!
    LVL 5

    Author Comment

    I added a few more points for your trouble!
    LVL 4

    Expert Comment

    Glad I could help :)

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Summary: Persistence is the capability of an application to store the state of objects and recover it when necessary. This article compares the two common types of serialization in aspects of data access, readability, and runtime cost. A ready-to…
    It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now