How to: Administer Security Policy for Nondefault Users Using Caspol.exe

Article
11/04/2011

You can use the Code Access Security Policy tool (Caspol.exe) to administer a user policy for a user other than the current user.

To administer user policy for a user other than the current user

Use the -customuser path option instead of the –user policy-level option.

The –customuser option points Caspol.exe to a specified user security configuration file. Note that –customuser must be followed by the path to the user security configuration file.

The following command lists the code groups in the user security policy configuration file located in C:\config_test\.
```
caspol –customuser "C:\config_test\security.config" –listgroups
```

When you specify the –all option before the policy-level option to list or resolve policy, Caspol.exe considers all policy levels (user, machine, and enterprise). The -all option always uses the policy for the current user. However, you can use the policy for another user in a list of all policy levels or a policy resolution across policy levels.

To list or resolve all policy levels for a user other than the current user

Use the -customall path option instead of the -all option.

The following command resolves policy against the current enterprise and machine policy, as well as against a custom user policy.
```
caspol –customall "c:\config_test\security.config" –resolvegroup "myApplication.exe"
```

How to: Administer Security Policy for Nondefault Users Using Caspol.exe

To administer user policy for a user other than the current user

To list or resolve all policy levels for a user other than the current user

See Also

Reference

Concepts

Other Resources

Additional resources