Export (0) Print
Expand All

How to: Remove Code Groups Using Caspol.exe

You can use the Code Access Security Policy tool (Caspol.exe) to remove code groups from code group hierarchies. When you delete a code group that has child code groups, you also delete the child code groups. You cannot copy part of a code group hierarchy to another part of the code group or to another code group hierarchy. Therefore, deleting a parent code group destroys any security behavior that was defined in its child hierarchy.

Caution noteCaution

Because it can strongly affect security, use extreme caution when you delete code groups.

To remove a code group from a code group hierarchy

  • Type the following command at the command prompt:

    caspol [-enterprise|-machine|-user] –remgroup {label|name}

    Specify the policy-level option before the –remgroup option. If you omit the policy-level option, Caspol.exe removes the specified code group hierarchy from the default policy level. For computer administrators, the default level is the machine policy level; for others, it is the user policy level.

    The following command deletes the code group labeled 1.1.2..

    caspol –remgroup 1.1.2.
    

    The following command deletes the code group named MyApp_CodeGroup.

    caspol –remgroup MyApp_CodeGroup
    

Community Additions

ADD
Show:
© 2014 Microsoft