How to: Add Permission Sets Using Caspol.exe
Important This document may not represent best practices for current development, links to downloads and other resources may no longer be valid. Current recommended version can be found here. ArchiveDisclaimer

How to: Add Permission Sets Using Caspol.exe 

You can use the Code Access Security Policy tool (Caspol.exe) to add permission sets to a code group. Before you can associate a named permission set with a code group, it must be known at the code group's policy level. Before you can add the permission set to the code group's policy level, you must create it as an XML file.

To add a named permission set to a policy level

  • Type the following command at the command prompt:

    caspol [-enterprise|-machine|-user] -addpset xmlFile [permissionSetName]

    Specify the policy-level option before the –addpset option. If you omit the policy-level option, Caspol.exe adds the permission set at the default policy level. For computer administrators, the default level is the machine policy level; for others, it is the user policy level.

    You must supply a permission set name if the XML file does not contain one in the form of a name attribute value.

    The following command imports the MyPermissions.xml permission set file as the MyPermissions permission set at the machine policy level.

    caspol -machine –addpset MyPermissions.xml MyPermissions

See Also

© 2015 Microsoft