Re: Automating the roll-out of permission sets & code groups

---

• From: ssg31415926 <newsjunkmail@xxxxxxxxx>
• Date: Mon, 25 Jun 2007 03:07:42 -0700

---

Thanks for the reply. I did see that in the help but I couldn't get
it to work. It wasn't clear from the help if it applied to this
specific command. Are you sure that it does?


On 21 Jun, 17:42, "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT
com> wrote:

Caspol allows groups to be referenced by names as well as by numeric id
(even if there are no relevant examples in the docs).

"ssg31415926" <newsjunkm...@xxxxxxxxx> wrote in message

news:1182351214.633209.85920@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

I need to roll out a permission set and add a url to the Trusted zone
group. I was planning to use caspol.exe but I'm getting inconsistent
results with zone numbers. Specifically, caspol -listgroups returns
this on my PC (I've removed the strong name key):

Code Groups:
1. All code: Nothing
1.1. Zone - MyComputer: FullTrust
1.1.1. StrongName - <removed>: FullTrust
1.1.2. StrongName - <removed>: FullTrust
1.2. Zone - Intranet: LocalIntranet
1.2.1. All code: Same site Web
1.2.2. All code: Same directory FileIO - 'Read, PathDiscovery'
1.3. Zone - Internet: Internet
1.3.1. All code: Same site Web
1.4. Zone - Trusted: Internet
1.4.1. All code: Same site Web
1.5. Zone - Untrusted: Nothing

On another PC, 1.4 and 1.5 are reversed. I was planning to use this
command line to roll out the addition:

caspol.exe -addgroup 1.5 -urlhttp://serverName/*NewPermSet

If they're not consistent, how can I roll out my addition?

SSG

.

---

• Follow-Ups:
  • Re: Automating the roll-out of permission sets & code groups
    • From: ssg31415926

• References:
  • Automating the roll-out of permission sets & code groups
    • From: ssg31415926
  • Re: Automating the roll-out of permission sets & code groups
    • From: Nicole Calinoiu

• Prev by Date: Re: .Net 2.0
• Next by Date: Re: Automating the roll-out of permission sets & code groups
• Previous by thread: Re: Automating the roll-out of permission sets & code groups
• Next by thread: Re: Automating the roll-out of permission sets & code groups
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: AD DNS naming ... my e-mail and Site Internet." ... infrastructure (mostly with respect to DNS and VPN). ... If you do not select this option and go with scenario 2 ... Each DNS zone is authoritative for the zone of that ... (microsoft.public.windows.server.dns) Re: How many Global Catalog Servers are needed? ... make for an AD DNS FQDN domain name, ... external Internet you need scenario 1, although it is the most DNS-intensive ... Each DNS zone is authoritative for the zone of that name so ... (microsoft.public.windows.server.active_directory) Re: .com versus.local ... DNS and public names on the internet etc but I have never had someone ... All DNS entries are help at the ISP. ... external Internet you need scenario 1, although it is the most DNS-intensive ... Each DNS zone is authoritative for the zone of that name so ... (microsoft.public.windows.server.dns) Re: Domain naming strategies ... a delegation to an unreachable internal dns server. ... my e-mail and Site Internet." ... network and from the external Internet you need scenario 1, ... Each DNS zone is authoritative for the zone of that name so ... (microsoft.public.windows.server.active_directory) RE: Automatically opening IE + Executing attachments ... Files started from the temporary internet folder even by double clicking ... Microsoft Internet Explorer application and have it fetch a URL ... of the zone in which the user resides or the application in use. ... which is sometimes filtered out (see Eudora). ... (Bugtraq)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2007-06