Administering Security Policy for Nondefault Users
You can use Caspol.exe to administer a user policy for a user other than the current user.
To administer user policy for a user other than the current user
- Use the -customuser path option instead of the –user policy-level option.
The –customuser option points Caspol.exe to a specified user security configuration file. Note that –customuser must be followed by the path to the user security configuration file.
The following command lists the code groups in the user security policy configuration file located in
caspol –customuser "C:\config_test\security.config" –listgroups
When you specify the –all option before the policy-level option to list or resolve policy, Caspol.exe considers all policy levels (user, machine, and enterprise). The -all option always uses the policy for the current user. However, you can use the policy for another user in a list of all policy levels or a policy resolution across policy levels.
To list or resolve all policy levels for a user other than the current user
- Use the -customall path option instead of the -all option.
The following command resolves policy against the current enterprise and machine policy, as well as against a custom user policy.
caspol –customall "c:\config_test\security.config" –resolvegroup "myApplication.exe"