Re: Automating the roll-out of permission sets & code groups

From: ssg31415926 <newsjunkmail@xxxxxxxxx>
Date: Mon, 25 Jun 2007 03:07:42 -0700

Thanks for the reply. I did see that in the help but I couldn't get
it to work. It wasn't clear from the help if it applied to this
specific command. Are you sure that it does?

On 21 Jun, 17:42, "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT
com> wrote:

Caspol allows groups to be referenced by names as well as by numeric id
(even if there are no relevant examples in the docs).

"ssg31415926" <newsjunkm...@xxxxxxxxx> wrote in message

news:1182351214.633209.85920@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

I need to roll out a permission set and add a url to the Trusted zone
group. I was planning to use caspol.exe but I'm getting inconsistent
results with zone numbers. Specifically, caspol -listgroups returns
this on my PC (I've removed the strong name key):

Code Groups:
1. All code: Nothing
1.1. Zone - MyComputer: FullTrust
1.1.1. StrongName - <removed>: FullTrust
1.1.2. StrongName - <removed>: FullTrust
1.2. Zone - Intranet: LocalIntranet
1.2.1. All code: Same site Web
1.2.2. All code: Same directory FileIO - 'Read, PathDiscovery'
1.3. Zone - Internet: Internet
1.3.1. All code: Same site Web
1.4. Zone - Trusted: Internet
1.4.1. All code: Same site Web
1.5. Zone - Untrusted: Nothing

On another PC, 1.4 and 1.5 are reversed. I was planning to use this
command line to roll out the addition:

caspol.exe -addgroup 1.5 -urlhttp://serverName/*NewPermSet

If they're not consistent, how can I roll out my addition?

SSG

Follow-Ups:
- Re: Automating the roll-out of permission sets & code groups
  - From: ssg31415926

References:
- Automating the roll-out of permission sets & code groups
  - From: ssg31415926
- Re: Automating the roll-out of permission sets & code groups
  - From: Nicole Calinoiu

Prev by Date: Re: .Net 2.0
Next by Date: Re: Automating the roll-out of permission sets & code groups
Previous by thread: Re: Automating the roll-out of permission sets & code groups
Next by thread: Re: Automating the roll-out of permission sets & code groups
Index(es):
- Date
- Thread

Relevant Pages

Re: AD DNS naming
... my e-mail and Site Internet." ... infrastructure (mostly with respect to DNS and VPN). ... If you do not select this option and go with scenario 2 ... Each DNS zone is authoritative for the zone of that ...
(microsoft.public.windows.server.dns)
Re: How many Global Catalog Servers are needed?
... make for an AD DNS FQDN domain name, ... external Internet you need scenario 1, although it is the most DNS-intensive ... Each DNS zone is authoritative for the zone of that name so ...
(microsoft.public.windows.server.active_directory)
Re: .com versus.local
... DNS and public names on the internet etc but I have never had someone ... All DNS entries are help at the ISP. ... external Internet you need scenario 1, although it is the most DNS-intensive ... Each DNS zone is authoritative for the zone of that name so ...
(microsoft.public.windows.server.dns)
Re: DNS domain name same as AD domain
... Or should I change the DNS domain first to something else? ... For any host name that you wish to have access from both your internal network and from the external Internet you need scenario 1, although it is the most DNS-intensive over time. ... Each DNS zone is authoritative for the zone of that name so therefore the external DNS zone and internal AD/DNS zone will NOT replicate with each other thereby prevent internal company records to be visible to the outside Internet. ...
(microsoft.public.windows.server.dns)
Re: Domain naming strategies
... a delegation to an unreachable internal dns server. ... my e-mail and Site Internet." ... network and from the external Internet you need scenario 1, ... Each DNS zone is authoritative for the zone of that name so ...
(microsoft.public.windows.server.active_directory)