|Important||This document may not represent best practices for current development, links to downloads and other resources may no longer be valid. Current recommended version can be found here.|
How to: Administer Security Policy for Nondefault Users Using Caspol.exe
You can use the Code Access Security Policy tool (Caspol.exe) to administer a user policy for a user other than the current user.
To administer user policy for a user other than the current user
Use the -customuser path option instead of the –user policy-level option.
The –customuser option points Caspol.exe to a specified user security configuration file. Note that –customuser must be followed by the path to the user security configuration file.
The following command lists the code groups in the user security policy configuration file located in C:\config_test\.
caspol –customuser "C:\config_test\security.config" –listgroups
When you specify the –all option before the policy-level option to list or resolve policy, Caspol.exe considers all policy levels (user, machine, and enterprise). The -all option always uses the policy for the current user. However, you can use the policy for another user in a list of all policy levels or a policy resolution across policy levels.
To list or resolve all policy levels for a user other than the current user
Use the -customall path option instead of the -all option.
The following command resolves policy against the current enterprise and machine policy, as well as against a custom user policy.
caspol –customall "c:\config_test\security.config" –resolvegroup "myApplication.exe"