This documentation is archived and is not being maintained.

How to: Remove Code Groups Using Caspol.exe

You can use the Code Access Security Policy tool (Caspol.exe) to remove code groups from code group hierarchies. When you delete a code group that has child code groups, you also delete the child code groups. You cannot copy part of a code group hierarchy to another part of the code group or to another code group hierarchy. Therefore, deleting a parent code group destroys any security behavior that was defined in its child hierarchy.

Caution noteCaution:

Because it can strongly affect security, use extreme caution when you delete code groups.

To remove a code group from a code group hierarchy

  • Type the following command at the command prompt:

    caspol [-enterprise|-machine|-user] –remgroup {label|name}

    Specify the policy-level option before the –remgroup option. If you omit the policy-level option, Caspol.exe removes the specified code group hierarchy from the default policy level. For computer administrators, the default level is the machine policy level; for others, it is the user policy level.

    The following command deletes the code group labeled 1.1.2..

    caspol –remgroup 1.1.2.

    The following command deletes the code group named MyApp_CodeGroup.

    caspol –remgroup MyApp_CodeGroup