Udostępnij za pośrednictwem


How to: Administer Security Policy for Nondefault Users Using Caspol.exe

You can use the Code Access Security Policy tool (Caspol.exe) to administer a user policy for a user other than the current user.

To administer user policy for a user other than the current user

  • Use the -customuser path option instead of the –user policy-level option.

    The –customuser option points Caspol.exe to a specified user security configuration file. Note that –customuser must be followed by the path to the user security configuration file.

    The following command lists the code groups in the user security policy configuration file located in C:\config_test\.

    caspol –customuser "C:\config_test\security.config" –listgroups
    

When you specify the –all option before the policy-level option to list or resolve policy, Caspol.exe considers all policy levels (user, machine, and enterprise). The -all option always uses the policy for the current user. However, you can use the policy for another user in a list of all policy levels or a policy resolution across policy levels.

To list or resolve all policy levels for a user other than the current user

  • Use the -customall path option instead of the -all option.

    The following command resolves policy against the current enterprise and machine policy, as well as against a custom user policy.

    caspol –customall "c:\config_test\security.config" –resolvegroup "myApplication.exe"
    

See Also

Reference

Caspol.exe (Code Access Security Policy Tool)

Concepts

Security Policy Model

Other Resources

Configuring Security Policy Using the Code Access Security Policy Tool (Caspol.exe)