J
John Kotuby
Hello all,
Note: This is the full version of a Post that I inadvertently sent before it
was complete.
About a year ago I wrote a VB.NET 2003 solution that consists of a number
of assemblies (1 EXE and 15 DLLS). As I recall, in order to deploy the
solution to a testing server I simply copied the contents of the Bin folder
in the development area where the compiled assemblies reside. Be patient
with me here, because I haven't used .NET since then ... our primary
development environment is still VB6, as we have a large application with 6
years devoted to it and are not quite ready to do a complete re-write in
..NET.
The .NET project which had been dormant for a year is now back in action. I
tried creating an MSI install project from within the solution. It appeared
to include the primary EXE all the necessary dependencies (I don't even
remember how I created that Installer at the moment).
The bottom line is that now when I try to deploy to either a Test Server
share or a local workstation (which is a member of a Domain), I get
Microsoft .NET security errors upon trying to start the Executable.
Examples:
Local Workstation:
"An unhandled exception has occurred....
"Access to the path 'C:\Program Files\Testing' is denied.
Server Share:
"The application attempted to perform an operation not allowed by the
security policy. The operation required the SecurityException. To grant this
application the required permission please contact your system
administrator, or use the Microsoft .NET security policy administrator."
So, I used the .NET 1.1 and 2.0 Configuration tools to try to create a
Runtime Security Code Group to allow the program to run. I don't remember
having to do this last year...strangely enough. I was not able to
successfully get the program to execute after a few hours of reading
documentation and trying different things in the Configuration tools. The
documentation and even the tools themselves are somewhat inscrutable to the
uninitiated. Even the fact that there are so many membership conditions is
confusing. A plain English explanation somewhere would be helpful.
I tried using the Wizard in .NET 1.1 to allow premissions for each and every
included assembly... no luck there.
I then went on tho use caspol.exe... here is an example of a v2.0 bat
file...
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.Client.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.Context.Business.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.Context.Configuration.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.Context.Data.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.Core.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.FTP.Business.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.FTP.Config.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Configuration.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Data.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Document.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Notice.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.PL.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Sample.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Session.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Test.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.WebServices.dll
Run in a command prompt, every command indicated SUCCESS. But no luck there
either. I fillowed up with the v1.1 version of the same.
I then tried following instructions from an MSDN lab exercise...
@rem - polchgprompt - Enables or disables the prompt that is displayed
@rem - whenever Caspol.exe is run using an option that
@rem - would cause policy changes.
@rem - addgroup - Adds a new code group to the code group hierarchy.
@rem - url - Specifies code that originates from the given URL.
@rem - name - specifies the scripting name for a code group to add.
CD \
PATH=%windir%\microsoft.net\framework\v1.1.4322\
caspol.exe -polchgprompt off -u -addgroup All_Code -url "C:\dmedi\*"
FullTrust -name "dmEDI_on_C_run"
caspol.exe -polchgprompt on
Pause
No good there either.
Finally I used the caspol commantd to suspend security checking altogether
caspol -e off.
No luck... I realize I only ran it in the v2.0 .NET folder.
There is an .SNK file in the development folder. The project still runs from
the Bin directory in the development folder without a problem. For now I
just provide my development
partner a link to that EXE so he could continue with his part of the project
(which he is writing in VB6... long story).
I must get back to another VB6 project due in one week.
Any help would be appreciated... thanks in advance. Sorry about the double
post.
Note: This is the full version of a Post that I inadvertently sent before it
was complete.
About a year ago I wrote a VB.NET 2003 solution that consists of a number
of assemblies (1 EXE and 15 DLLS). As I recall, in order to deploy the
solution to a testing server I simply copied the contents of the Bin folder
in the development area where the compiled assemblies reside. Be patient
with me here, because I haven't used .NET since then ... our primary
development environment is still VB6, as we have a large application with 6
years devoted to it and are not quite ready to do a complete re-write in
..NET.
The .NET project which had been dormant for a year is now back in action. I
tried creating an MSI install project from within the solution. It appeared
to include the primary EXE all the necessary dependencies (I don't even
remember how I created that Installer at the moment).
The bottom line is that now when I try to deploy to either a Test Server
share or a local workstation (which is a member of a Domain), I get
Microsoft .NET security errors upon trying to start the Executable.
Examples:
Local Workstation:
"An unhandled exception has occurred....
"Access to the path 'C:\Program Files\Testing' is denied.
Server Share:
"The application attempted to perform an operation not allowed by the
security policy. The operation required the SecurityException. To grant this
application the required permission please contact your system
administrator, or use the Microsoft .NET security policy administrator."
So, I used the .NET 1.1 and 2.0 Configuration tools to try to create a
Runtime Security Code Group to allow the program to run. I don't remember
having to do this last year...strangely enough. I was not able to
successfully get the program to execute after a few hours of reading
documentation and trying different things in the Configuration tools. The
documentation and even the tools themselves are somewhat inscrutable to the
uninitiated. Even the fact that there are so many membership conditions is
confusing. A plain English explanation somewhere would be helpful.
I tried using the Wizard in .NET 1.1 to allow premissions for each and every
included assembly... no luck there.
I then went on tho use caspol.exe... here is an example of a v2.0 bat
file...
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.Client.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.Context.Business.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.Context.Configuration.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.Context.Data.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.Core.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.FTP.Business.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.ClientModules.FTP.Config.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Configuration.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Data.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Document.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Notice.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.PL.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Sample.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Session.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.LocalModules.Test.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe -all -resolveperm
c:\dmedi\dmEDI.WebServices.dll
Run in a command prompt, every command indicated SUCCESS. But no luck there
either. I fillowed up with the v1.1 version of the same.
I then tried following instructions from an MSDN lab exercise...
@rem - polchgprompt - Enables or disables the prompt that is displayed
@rem - whenever Caspol.exe is run using an option that
@rem - would cause policy changes.
@rem - addgroup - Adds a new code group to the code group hierarchy.
@rem - url - Specifies code that originates from the given URL.
@rem - name - specifies the scripting name for a code group to add.
CD \
PATH=%windir%\microsoft.net\framework\v1.1.4322\
caspol.exe -polchgprompt off -u -addgroup All_Code -url "C:\dmedi\*"
FullTrust -name "dmEDI_on_C_run"
caspol.exe -polchgprompt on
Pause
No good there either.
Finally I used the caspol commantd to suspend security checking altogether
caspol -e off.
No luck... I realize I only ran it in the v2.0 .NET folder.
There is an .SNK file in the development folder. The project still runs from
the Bin directory in the development folder without a problem. For now I
just provide my development
partner a link to that EXE so he could continue with his part of the project
(which he is writing in VB6... long story).
I must get back to another VB6 project due in one week.
Any help would be appreciated... thanks in advance. Sorry about the double
post.