How to: Add Permission Sets Using Caspol.exe

  • Article

You can use the Code Access Security Policy tool (Caspol.exe) to add permission sets to a code group. Before you can associate a named permission set with a code group, it must be known at the code group's policy level. Before you can add the permission set to the code group's policy level, you must create it as an XML file.

To add a named permission set to a policy level

  • Type the following command at the command prompt:

    caspol [-enterprise|-machine|-user] -addpset xmlFile [permissionSetName]

    Specify the policy-level option before the –addpset option. If you omit the policy-level option, Caspol.exe adds the permission set at the default policy level. For computer administrators, the default level is the machine policy level; for others, it is the user policy level.

    You must supply a permission set name if the XML file does not contain one in the form of a name attribute value.

    The following command imports the MyPermissions.xml permission set file as the MyPermissions permission set at the machine policy level.

    caspol -machine –addpset MyPermissions.xml MyPermissions

See Also

Tasks

How to: Import a Permission Set by Using an XML File

Reference

Caspol.exe (Code Access Security Policy Tool)

Concepts

Security Policy Model

Other Resources

Configuring Security Policy Using the Code Access Security Policy Tool (Caspol.exe)

Configuring Permission Sets Using Caspol.exe