|
dev
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Faillure to run .NET 2.0 app from UNCdevelopment machine. But when I deploy the app, it fails to run from an UNC path. I've already used CASPOL to add FullTrust to the UNC. The error that occurs us the following: System.InvalidOperationException was unhandled Message="An error occurred creating the form. See Exception.InnerException for details. The error is: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed." Source="TMD" StackTrace: at TMD.My.MyProject.MyForms.Create__Instance__[T](T Instance) at TMD.My.MyApplication.OnCreateSplashScreen() at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.ShowSplashScreen() at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnInitialize(ReadOnlyCollection`1 commandLineArgs) at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(String[] commandLine) at TMD.My.MyApplication.Main(String[] Args) It seems to happen when the app tries to show the SplashScreen -- Adri Programmers do it Bit by Bit It is obviously the security/permission issue. In order to run .NET code
from a network share, you need to 1. Give user necessary file access permission, read and execute, whether it is .NET file or not; 2. Allow .NET code from outside computer to run with CASPOL tool. Are you sure you have done both correctly? I do not see there is other reasons. Show quote "Adri" <a3@community.nospam> wrote in message news:B66FF897-A249-46CC-9092-ADAA9E990C58@microsoft.com... > I've built an localised .NET 2.0 application, which runs fine on my > development machine. But when I deploy the app, it fails to run from an > UNC > path. I've already used CASPOL to add FullTrust to the UNC. > > The error that occurs us the following: > System.InvalidOperationException was unhandled > Message="An error occurred creating the form. See > Exception.InnerException > for details. The error is: Request for the permission of type > 'System.Security.Permissions.SecurityPermission, mscorlib, > Version=2.0.0.0, > Culture=neutral, PublicKeyToken=b77a5c561934e089' failed." > Source="TMD" > StackTrace: > at TMD.My.MyProject.MyForms.Create__Instance__[T](T Instance) > at TMD.My.MyApplication.OnCreateSplashScreen() > at > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.ShowSplashScreen() > at > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnInitialize(ReadOnlyCollection`1 > commandLineArgs) > at > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() > at > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(String[] > commandLine) > at TMD.My.MyApplication.Main(String[] Args) > > It seems to happen when the app tries to show the SplashScreen > > -- > Adri > Programmers do it Bit by Bit Hi Norman,
The user (myself) has full access (on OS level) to the UNC share. The CASPOL call is: caspol -q -m -ag 1.2. -url file://SERVER/Share/* FullTrust -- Show quoteAdri Programmers do it Bit by Bit "Norman Yuan" wrote: > It is obviously the security/permission issue. In order to run .NET code > from a network share, you need to > > 1. Give user necessary file access permission, read and execute, whether it > is .NET file or not; > 2. Allow .NET code from outside computer to run with CASPOL tool. > > Are you sure you have done both correctly? I do not see there is other > reasons. > > > "Adri" <a3@community.nospam> wrote in message > news:B66FF897-A249-46CC-9092-ADAA9E990C58@microsoft.com... > > I've built an localised .NET 2.0 application, which runs fine on my > > development machine. But when I deploy the app, it fails to run from an > > UNC > > path. I've already used CASPOL to add FullTrust to the UNC. > > > > The error that occurs us the following: > > System.InvalidOperationException was unhandled > > Message="An error occurred creating the form. See > > Exception.InnerException > > for details. The error is: Request for the permission of type > > 'System.Security.Permissions.SecurityPermission, mscorlib, > > Version=2.0.0.0, > > Culture=neutral, PublicKeyToken=b77a5c561934e089' failed." > > Source="TMD" > > StackTrace: > > at TMD.My.MyProject.MyForms.Create__Instance__[T](T Instance) > > at TMD.My.MyApplication.OnCreateSplashScreen() > > at > > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.ShowSplashScreen() > > at > > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnInitialize(ReadOnlyCollection`1 > > commandLineArgs) > > at > > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() > > at > > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(String[] > > commandLine) > > at TMD.My.MyApplication.Main(String[] Args) > > > > It seems to happen when the app tries to show the SplashScreen > > > > -- > > Adri > > Programmers do it Bit by Bit > > > I usually do this (to give permission to run .NET code from a network share
on our LAN) by using .NET Framework Configuration console in "Control Panel->Administrative Tools" and it always workd. Can you try that, instead of CASPOL.exe at command line? (Although the result should be the same, if you do it correctly.) Just give it a try to prove you did it correctly with caspol.exe command line. If you have not done that in .NET framework configuration console, following these steps: 1. Open "Control Panel->Administrative Tools->.NET Framework 2.0 Configuration"; 2. Select node "Console Root->.Net Framework 2.0 Configuration->My Computer->Runtime Security Policy->Machine->Code Groups->All_Code" and right-click, select "New..."; 3. Select "Create a new code group" radio button and enter code group name of your choice; click "Next"; 4. In dropdown list, choose "URL" and enter URL (such as file://theserver/theshare/myCodeFolder/*); click "Next"; 5. Select a existing permission set, such as "FullTrust"; click "Next" and then "Finish". Now test your app. It should work (It work on a few of my Win form apps, including .NET1.1 and 2.0 apps) Show quote "Adri" <a3@community.nospam> wrote in message news:980E7660-3FE8-4BD2-83C7-23465F9C3845@microsoft.com... > Hi Norman, > > The user (myself) has full access (on OS level) to the UNC share. > > The CASPOL call is: > caspol -q -m -ag 1.2. -url file://SERVER/Share/* FullTrust > > -- > Adri > Programmers do it Bit by Bit > > > "Norman Yuan" wrote: > >> It is obviously the security/permission issue. In order to run .NET code >> from a network share, you need to >> >> 1. Give user necessary file access permission, read and execute, whether >> it >> is .NET file or not; >> 2. Allow .NET code from outside computer to run with CASPOL tool. >> >> Are you sure you have done both correctly? I do not see there is other >> reasons. >> >> >> "Adri" <a3@community.nospam> wrote in message >> news:B66FF897-A249-46CC-9092-ADAA9E990C58@microsoft.com... >> > I've built an localised .NET 2.0 application, which runs fine on my >> > development machine. But when I deploy the app, it fails to run from an >> > UNC >> > path. I've already used CASPOL to add FullTrust to the UNC. >> > >> > The error that occurs us the following: >> > System.InvalidOperationException was unhandled >> > Message="An error occurred creating the form. See >> > Exception.InnerException >> > for details. The error is: Request for the permission of type >> > 'System.Security.Permissions.SecurityPermission, mscorlib, >> > Version=2.0.0.0, >> > Culture=neutral, PublicKeyToken=b77a5c561934e089' failed." >> > Source="TMD" >> > StackTrace: >> > at TMD.My.MyProject.MyForms.Create__Instance__[T](T Instance) >> > at TMD.My.MyApplication.OnCreateSplashScreen() >> > at >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.ShowSplashScreen() >> > at >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnInitialize(ReadOnlyCollection`1 >> > commandLineArgs) >> > at >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() >> > at >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(String[] >> > commandLine) >> > at TMD.My.MyApplication.Main(String[] Args) >> > >> > It seems to happen when the app tries to show the SplashScreen >> > >> > -- >> > Adri >> > Programmers do it Bit by Bit >> >> >> Hi Norman,
The target machine has only the .NET 2.0 Runtime installed, and therefor there is no ".NET Framework 2.0 Configuration" available on the "Administrative Tools". That's why I used CASPOL -- Show quoteAdri Programmers do it Bit by Bit "Norman Yuan" wrote: > I usually do this (to give permission to run .NET code from a network share > on our LAN) by using .NET Framework Configuration console in "Control > Panel->Administrative Tools" and it always workd. Can you try that, instead > of CASPOL.exe at command line? (Although the result should be the same, if > you do it correctly.) Just give it a try to prove you did it correctly with > caspol.exe command line. > > If you have not done that in .NET framework configuration console, following > these steps: > > 1. Open "Control Panel->Administrative Tools->.NET Framework 2.0 > Configuration"; > 2. Select node "Console Root->.Net Framework 2.0 Configuration->My > Computer->Runtime Security Policy->Machine->Code Groups->All_Code" and > right-click, select "New..."; > 3. Select "Create a new code group" radio button and enter code group name > of your choice; click "Next"; > 4. In dropdown list, choose "URL" and enter URL (such as > file://theserver/theshare/myCodeFolder/*); click "Next"; > 5. Select a existing permission set, such as "FullTrust"; click "Next" and > then "Finish". > > Now test your app. It should work (It work on a few of my Win form apps, > including .NET1.1 and 2.0 apps) > > > "Adri" <a3@community.nospam> wrote in message > news:980E7660-3FE8-4BD2-83C7-23465F9C3845@microsoft.com... > > Hi Norman, > > > > The user (myself) has full access (on OS level) to the UNC share. > > > > The CASPOL call is: > > caspol -q -m -ag 1.2. -url file://SERVER/Share/* FullTrust > > > > -- > > Adri > > Programmers do it Bit by Bit > > > > > > "Norman Yuan" wrote: > > > >> It is obviously the security/permission issue. In order to run .NET code > >> from a network share, you need to > >> > >> 1. Give user necessary file access permission, read and execute, whether > >> it > >> is .NET file or not; > >> 2. Allow .NET code from outside computer to run with CASPOL tool. > >> > >> Are you sure you have done both correctly? I do not see there is other > >> reasons. > >> > >> > >> "Adri" <a3@community.nospam> wrote in message > >> news:B66FF897-A249-46CC-9092-ADAA9E990C58@microsoft.com... > >> > I've built an localised .NET 2.0 application, which runs fine on my > >> > development machine. But when I deploy the app, it fails to run from an > >> > UNC > >> > path. I've already used CASPOL to add FullTrust to the UNC. > >> > > >> > The error that occurs us the following: > >> > System.InvalidOperationException was unhandled > >> > Message="An error occurred creating the form. See > >> > Exception.InnerException > >> > for details. The error is: Request for the permission of type > >> > 'System.Security.Permissions.SecurityPermission, mscorlib, > >> > Version=2.0.0.0, > >> > Culture=neutral, PublicKeyToken=b77a5c561934e089' failed." > >> > Source="TMD" > >> > StackTrace: > >> > at TMD.My.MyProject.MyForms.Create__Instance__[T](T Instance) > >> > at TMD.My.MyApplication.OnCreateSplashScreen() > >> > at > >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.ShowSplashScreen() > >> > at > >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnInitialize(ReadOnlyCollection`1 > >> > commandLineArgs) > >> > at > >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() > >> > at > >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(String[] > >> > commandLine) > >> > at TMD.My.MyApplication.Main(String[] Args) > >> > > >> > It seems to happen when the app tries to show the SplashScreen > >> > > >> > -- > >> > Adri > >> > Programmers do it Bit by Bit > >> > >> > >> > > > Hi Adri,
Please try to grant FullTrust permission to Intranet on the machine that runs the code to see if this can work. Kevin Yu Microsoft Online Community Support ================================================== Get notification to my posts through email? Please refer to http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif ications. Note: The MSDN Managed Newsgroup support offering is for non-urgent issues where an initial response from the community or a Microsoft Support Engineer within 1 business day is acceptable. Please note that each follow up response may take approximately 2 business days as the support professional working with you may need further investigation to reach the most efficient resolution. The offering is not appropriate for situations that require urgent, real-time or phone-based interactions or complex project analysis and dump analysis issues. Issues of this nature are best handled working with a dedicated Microsoft Support Engineer by contacting Microsoft Customer Support Services (CSS) at http://msdn.microsoft.com/subscriptions/support/default.aspx. ================================================== (This posting is provided "AS IS", with no warranties, and confers no rights.) Hi Kevin,
Tried to give FullTrust to the Intranet, but it still doesn't work :( -- Show quoteAdri Programmers do it Bit by Bit "Kevin Yu [MSFT]" wrote: > Hi Adri, > > Please try to grant FullTrust permission to Intranet on the machine that > runs the code to see if this can work. > > Kevin Yu > Microsoft Online Community Support > > ================================================== > Get notification to my posts through email? Please refer to > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif > ications. > Note: The MSDN Managed Newsgroup support offering is for non-urgent issues > where an initial response from the community or a Microsoft Support > Engineer within 1 business day is acceptable. Please note that each follow > up response may take approximately 2 business days as the support > professional working with you may need further investigation to reach the > most efficient resolution. The offering is not appropriate for situations > that require urgent, real-time or phone-based interactions or complex > project analysis and dump analysis issues. Issues of this nature are best > handled working with a dedicated Microsoft Support Engineer by contacting > Microsoft Customer Support Services (CSS) at > http://msdn.microsoft.com/subscriptions/support/default.aspx. > ================================================== > > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > Hi Adri,
This is really weird. Based on the stack trace, it fails at the beginning when splash screen shows. Are you doing anything special on the splash screen showing? For example, are your writing to some file, while you don't have permission writing to that shared folder? Please also try to give full control of that UNC to your account. Kevin Yu Microsoft Online Community Support ================================================== (This posting is provided "AS IS", with no warranties, and confers no rights.) Hi Kevin
It's just a regular splash-screen, derived from the VS2005 template. The only modifications I've done are adding an animated GIF to the picture box and stting the Localizable property to True. I have Full Control to the UNC where the aplication is run from. Regards, -- Show quoteAdri Programmers do it Bit by Bit "Kevin Yu [MSFT]" wrote: > Hi Adri, > > This is really weird. Based on the stack trace, it fails at the beginning > when splash screen shows. Are you doing anything special on the splash > screen showing? For example, are your writing to some file, while you don't > have permission writing to that shared folder? Please also try to give full > control of that UNC to your account. > > Kevin Yu > Microsoft Online Community Support > ================================================== > > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > Hi Adri,
Can you try to run this app again if you have another machine that have .NET framework installed? If it works fine on that machine, please re-install .NET framework on you machine. Is the version of .NET framework you've developed on the same to the one it is running on? If that still doesn't help, could you please send me a copy of your app by email? Remove 'online' from the nospam alias is my real email? I'll check it ASAP. Thank you! Kevin Yu Microsoft Online Community Support ================================================== (This posting is provided "AS IS", with no warranties, and confers no rights.) Hi Adri,
Thanks for your repro code. I tried to run the app on serveral computers that has only .NET framework 2.0 installed. At the beginning, when I run the .exe directly from the UNC path, the app crashed as desired. But after the .cmd is executed, the app loads OK. Is the directory file://devnov/TrademarkDirectory/ containing TMD.exe file directly? Kevin Yu Microsoft Online Community Support ================================================== (This posting is provided "AS IS", with no warranties, and confers no rights.) Hi Kevin,
Yes, the directory "file://devnov/TrademarkDirectory/" contains the TMD.exe file. The commandline to invoke the application is "\\DEVNOV\TrademarkDirectory\TMD.exe" with workingdirectory "\\DEVNOV\TrademarkDirectory" Regards, -- Show quoteAdri Programmers do it Bit by Bit "Kevin Yu [MSFT]" wrote: > Hi Adri, > > Thanks for your repro code. I tried to run the app on serveral computers > that has only .NET framework 2.0 installed. > > At the beginning, when I run the .exe directly from the UNC path, the app > crashed as desired. But after the .cmd is executed, the app loads OK. > > Is the directory file://devnov/TrademarkDirectory/ containing TMD.exe file > directly? > > Kevin Yu > Microsoft Online Community Support > ================================================== > > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > Hi Adri,
Could you also try to check the minimum grand set of permission your TMD.EXE requires. The following Permission Calculator tools can do it for you. http://msdn2.microsoft.com/en-us/library/ms165077.aspx I used permcalc -sandbox tmd.exe on my machine and it returns the following. <?xml version="1.0" ?> <Sandbox> <PermissionSet version="1" class="System.Security.PermissionSet"> <IPermission version="1" class="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Unrestricted="true" /> <IPermission version="1" class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Unrestricted="true" /> <IPermission version="1" class="System.Security.Permissions.ReflectionPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Unrestricted="true" /> <IPermission version="1" class="System.Security.Permissions.RegistryPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Unrestricted="true" /> <IPermission version="1" class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Flags="UnmanagedCode, Execution, ControlEvidence, ControlPrincipal, ControlAppDomain" /> <IPermission Window="AllWindows" Clipboard="OwnClipboard" version="1" class="System.Security.Permissions.UIPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> <IPermission version="1" class="System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Unrestricted="true" /> <IPermission version="1" class="System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Unrestricted="true" /> <IPermission version="1" class="System.Diagnostics.EventLogPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Unrestricted="true" /> </PermissionSet> </Sandbox> Please check if these permission sets are met. If not, add them. If that still doesn't work, you can also add a strong name key to the .exe file and make the machine trust the key instead of trusting the shared folder. Please let me know the results after you try it. Kevin Yu Microsoft Online Community Support ================================================== Get notification to my posts through email? Please refer to http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif ications. Note: The MSDN Managed Newsgroup support offering is for non-urgent issues where an initial response from the community or a Microsoft Support Engineer within 1 business day is acceptable. Please note that each follow up response may take approximately 2 business days as the support professional working with you may need further investigation to reach the most efficient resolution. The offering is not appropriate for situations that require urgent, real-time or phone-based interactions or complex project analysis and dump analysis issues. Issues of this nature are best handled working with a dedicated Microsoft Support Engineer by contacting Microsoft Customer Support Services (CSS) at http://msdn.microsoft.com/subscriptions/support/default.aspx. ================================================== (This posting is provided "AS IS", with no warranties, and confers no rights.) Hello Kevin,
I've done some more investigation (using caspol.exe), but I've found out some interesting behaviour that I can't explain. I've done a CASPOL -rsg 'assemblyname' on my machine, where everything runs perfect and issued the same command on the machine where it went wrong. Examine the following results on my machine: caspol -lg Microsoft (R) .NET Framework CasPol 2.0.50727.42 Copyright (c) Microsoft Corporation. All rights reserved. Security is ON Execution checking is ON Policy change prompt is ON Level = Machine Code Groups: 1. All code: Nothing 1.1. Zone - MyComputer: FullTrust 1.1.1. StrongName - 002400000480000094000000060200000024000052534131000400000100010007D1FA57C4AED9F0A32E84AA0FAEFD0DE9E8FD6AEC8F87FB03766C834C99921EB23BE79AD9D5DCC1DD9AD236132102900B723CF980957FC4E177108FC607774F29E8320E92EA05ECE4E821C0A5EFE8F1645C4C0C93C1AB99285D622CAA652C1DFAD63D745D6F2DE5F17E5EAF0FC4963D261C8A12436518206DC093344D5AD293: FullTrust 1.1.2. StrongName - 00000000000000000400000000000000: FullTrust 1.2. Zone - Intranet: LocalIntranet 1.2.1. All code: Same site Web 1.2.2. All code: Same directory FileIO - 'Read, PathDiscovery' 1.2.3. Url - file://devnov/TrademarkDirectory/*: FullTrust <-- the added trust... 1.3. Zone - Internet: Internet 1.3.1. All code: Same site Web 1.4. Zone - Untrusted: Nothing 1.5. Zone - Trusted: Internet 1.5.1. All code: Same site Web Success And now resolve the appropriate group... caspol -rsg \\devnov\trademarkdirectory\TMD.exe Microsoft (R) .NET Framework CasPol 2.0.50727.42 Copyright (c) Microsoft Corporation. All rights reserved. Level = Enterprise Code Groups: 1. All code: FullTrust Level = Machine Code Groups: 1. All code: Nothing 1.2. Zone - Intranet: LocalIntranet 1.2.1. All code: Same site Web 1.2.2. All code: Same directory FileIO - 'Read, PathDiscovery' 1.2.3. Url - file://devnov/TrademarkDirectory/*: FullTrust <-- is OK Level = User Code Groups: 1. All code: FullTrust Success On the other hand, the results of caspol -rsg differ on the machine where TMD.exe won't run (I've omitted the results of caspol -lg, because they are the same) caspol -rsg \\devnov\trademarkdirectory\TMD.exe Microsoft (R) .NET Framework CasPol 2.0.50727.42 Copyright (c) Microsoft Corporation. All rights reserved. Level = Enterprise Code Groups: 1. All code: FullTrust Level = Machine Code Groups: 1. All code: Nothing 1.5. Zone - Trusted: Internet 1.5.1. All code: Same site Web Level = User Code Groups: 1. All code: FullTrust Success It seems to be that the application runs in a different zone. I can't figure out what causes this... -- Show quoteAdri Programmers do it Bit by Bit "Kevin Yu [MSFT]" wrote: > Hi Adri, > > Could you also try to check the minimum grand set of permission your > TMD.EXE requires. The following Permission Calculator tools can do it for > you. > > http://msdn2.microsoft.com/en-us/library/ms165077.aspx > > I used > > permcalc -sandbox tmd.exe > > on my machine and it returns the following. > > <?xml version="1.0" ?> > <Sandbox> > <PermissionSet version="1" class="System.Security.PermissionSet"> > <IPermission version="1" > class="System.Security.Permissions.EnvironmentPermission, mscorlib, > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" > Unrestricted="true" /> > <IPermission version="1" > class="System.Security.Permissions.FileIOPermission, mscorlib, > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" > Unrestricted="true" /> > <IPermission version="1" > class="System.Security.Permissions.ReflectionPermission, mscorlib, > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" > Unrestricted="true" /> > <IPermission version="1" > class="System.Security.Permissions.RegistryPermission, mscorlib, > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" > Unrestricted="true" /> > <IPermission version="1" > class="System.Security.Permissions.SecurityPermission, mscorlib, > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" > Flags="UnmanagedCode, Execution, ControlEvidence, ControlPrincipal, > ControlAppDomain" /> > <IPermission Window="AllWindows" Clipboard="OwnClipboard" version="1" > class="System.Security.Permissions.UIPermission, mscorlib, Version=2.0.0.0, > Culture=neutral, PublicKeyToken=b77a5c561934e089" /> > <IPermission version="1" > class="System.Security.Permissions.KeyContainerPermission, mscorlib, > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" > Unrestricted="true" /> > <IPermission version="1" > class="System.Data.SqlClient.SqlClientPermission, System.Data, > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" > Unrestricted="true" /> > <IPermission version="1" class="System.Diagnostics.EventLogPermission, > System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" > Unrestricted="true" /> > </PermissionSet> > </Sandbox> > > Please check if these permission sets are met. If not, add them. > > If that still doesn't work, you can also add a strong name key to the .exe > file and make the machine trust the key instead of trusting the shared > folder. > > Please let me know the results after you try it. > > Kevin Yu > Microsoft Online Community Support > > ================================================== > Get notification to my posts through email? Please refer to > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif > ications. > Note: The MSDN Managed Newsgroup support offering is for non-urgent issues > where an initial response from the community or a Microsoft Support > Engineer within 1 business day is acceptable. Please note that each follow > up response may take approximately 2 business days as the support > professional working with you may need further investigation to reach the > most efficient resolution. The offering is not appropriate for situations > that require urgent, real-time or phone-based interactions or complex > project analysis and dump analysis issues. Issues of this nature are best > handled working with a dedicated Microsoft Support Engineer by contacting > Microsoft Customer Support Services (CSS) at > http://msdn.microsoft.com/subscriptions/support/default.aspx. > ================================================== > > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > Hi Adri,
It seems that this site is in the different zone. Have you ever added this site to trusted zone? Please check it in the internet settings. Kevin Yu Microsoft Online Community Support ================================================== (This posting is provided "AS IS", with no warranties, and confers no rights.) Hi Kevin,
Thanks for your hit. It appeared that on the PC's where the app didn't work the site was added to the trusted zone. After removing the site from the trusted zone, the app worked quite fine. Also giving the UNC Share FullTrust permissons to the Trusted Zone group (and the site back in the trusted sites) gave correct results. Regards, -- Show quoteAdri Programmers do it Bit by Bit "Kevin Yu [MSFT]" wrote: > Hi Adri, > > It seems that this site is in the different zone. Have you ever added this > site to trusted zone? Please check it in the internet settings. > > Kevin Yu > Microsoft Online Community Support > > ================================================== > > > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > Great, Adri! It was nice to know that this issue is resolved. Thanks for
sharing your experience with all the people here. If you have any questions, please feel free to post them in the community. Kevin Yu Microsoft Online Community Support ================================================== (This posting is provided "AS IS", with no warranties, and confers no rights.) It is big mistake that MS leave .NET 2.0 configuration applet (the GUI tool
equivalent of CASPOL.exe) out of .NET redistribution and make it only avalable in SDK. MS should really do the otherway around: SDK is for developers, who are really should be a bit better that other users to use a commandline tool. Come on, MS, is it a good idea to promote WINDOWS by giving a so important utility tool in a old DOS way? Is MS tired of use its own GUI? I really hope the .NET 2.0 Configuration applet can be added back to 2.0 framework redistribution in upcoming SP1, or 3.0. Show quote "Kevin Yu [MSFT]" <v-k***@online.microsoft.com> wrote in message news:JOL$UOSsGHA.2504@TK2MSFTNGXA01.phx.gbl... > Hi Adri, > > Please try to grant FullTrust permission to Intranet on the machine that > runs the code to see if this can work. > > Kevin Yu > Microsoft Online Community Support > > ================================================== > Get notification to my posts through email? Please refer to > http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif > ications. > Note: The MSDN Managed Newsgroup support offering is for non-urgent issues > where an initial response from the community or a Microsoft Support > Engineer within 1 business day is acceptable. Please note that each follow > up response may take approximately 2 business days as the support > professional working with you may need further investigation to reach the > most efficient resolution. The offering is not appropriate for situations > that require urgent, real-time or phone-based interactions or complex > project analysis and dump analysis issues. Issues of this nature are best > handled working with a dedicated Microsoft Support Engineer by contacting > Microsoft Customer Support Services (CSS) at > http://msdn.microsoft.com/subscriptions/support/default.aspx. > ================================================== > > (This posting is provided "AS IS", with no warranties, and confers no > rights.) > > Please try to grant FullTrust permission to Intranet on the machine This is just the kind of recommendation I was afraid of when I first heard > that runs the code to see if this can work. > > Kevin Yu > Microsoft Online Community Support about CAS. What is the purpose of establishing an Intranet zone and giving it specific permissions, when at the first case of an issue, you just recommend opening up the flood gates and granting full trust? Why not just set it as full trust to begin with. Honestly, I would much rather see a more granular approach to the recommendation, including strong naming the project in question and granting only the necessary CAS rights based on the strong name. I understand how it is easier to make a quick recommendation, but often the easiest answer will only turn around and bit you in the long run. Jim Wooley http://devauthority.com/blogs/jwooley/default.aspx Sorry, I never used CASPOL commandline. You make want to try this to see if
you can get the Configuration applet to the computer with this link: http://www.mcse.ms/archive102-2005-12-1950554.html At least, with GUI tool, you could easily change/test your security settings, IMO, MS made mistake to give the applet to SDK user/developer only. Show quote "Adri" <a3@community.nospam> wrote in message news:7E10A6A6-2E91-4E7F-B16E-D8BD98A5BE05@microsoft.com... > Hi Norman, > > The target machine has only the .NET 2.0 Runtime installed, and therefor > there is no ".NET Framework 2.0 Configuration" available on the > "Administrative Tools". That's why I used CASPOL > > -- > Adri > Programmers do it Bit by Bit > > > "Norman Yuan" wrote: > >> I usually do this (to give permission to run .NET code from a network >> share >> on our LAN) by using .NET Framework Configuration console in "Control >> Panel->Administrative Tools" and it always workd. Can you try that, >> instead >> of CASPOL.exe at command line? (Although the result should be the same, >> if >> you do it correctly.) Just give it a try to prove you did it correctly >> with >> caspol.exe command line. >> >> If you have not done that in .NET framework configuration console, >> following >> these steps: >> >> 1. Open "Control Panel->Administrative Tools->.NET Framework 2.0 >> Configuration"; >> 2. Select node "Console Root->.Net Framework 2.0 Configuration->My >> Computer->Runtime Security Policy->Machine->Code Groups->All_Code" and >> right-click, select "New..."; >> 3. Select "Create a new code group" radio button and enter code group >> name >> of your choice; click "Next"; >> 4. In dropdown list, choose "URL" and enter URL (such as >> file://theserver/theshare/myCodeFolder/*); click "Next"; >> 5. Select a existing permission set, such as "FullTrust"; click "Next" >> and >> then "Finish". >> >> Now test your app. It should work (It work on a few of my Win form apps, >> including .NET1.1 and 2.0 apps) >> >> >> "Adri" <a3@community.nospam> wrote in message >> news:980E7660-3FE8-4BD2-83C7-23465F9C3845@microsoft.com... >> > Hi Norman, >> > >> > The user (myself) has full access (on OS level) to the UNC share. >> > >> > The CASPOL call is: >> > caspol -q -m -ag 1.2. -url file://SERVER/Share/* FullTrust >> > >> > -- >> > Adri >> > Programmers do it Bit by Bit >> > >> > >> > "Norman Yuan" wrote: >> > >> >> It is obviously the security/permission issue. In order to run .NET >> >> code >> >> from a network share, you need to >> >> >> >> 1. Give user necessary file access permission, read and execute, >> >> whether >> >> it >> >> is .NET file or not; >> >> 2. Allow .NET code from outside computer to run with CASPOL tool. >> >> >> >> Are you sure you have done both correctly? I do not see there is other >> >> reasons. >> >> >> >> >> >> "Adri" <a3@community.nospam> wrote in message >> >> news:B66FF897-A249-46CC-9092-ADAA9E990C58@microsoft.com... >> >> > I've built an localised .NET 2.0 application, which runs fine on my >> >> > development machine. But when I deploy the app, it fails to run from >> >> > an >> >> > UNC >> >> > path. I've already used CASPOL to add FullTrust to the UNC. >> >> > >> >> > The error that occurs us the following: >> >> > System.InvalidOperationException was unhandled >> >> > Message="An error occurred creating the form. See >> >> > Exception.InnerException >> >> > for details. The error is: Request for the permission of type >> >> > 'System.Security.Permissions.SecurityPermission, mscorlib, >> >> > Version=2.0.0.0, >> >> > Culture=neutral, PublicKeyToken=b77a5c561934e089' failed." >> >> > Source="TMD" >> >> > StackTrace: >> >> > at TMD.My.MyProject.MyForms.Create__Instance__[T](T Instance) >> >> > at TMD.My.MyApplication.OnCreateSplashScreen() >> >> > at >> >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.ShowSplashScreen() >> >> > at >> >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnInitialize(ReadOnlyCollection`1 >> >> > commandLineArgs) >> >> > at >> >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() >> >> > at >> >> > Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(String[] >> >> > commandLine) >> >> > at TMD.My.MyApplication.Main(String[] Args) >> >> > >> >> > It seems to happen when the app tries to show the SplashScreen >> >> > >> >> > -- >> >> > Adri >> >> > Programmers do it Bit by Bit >> >> >> >> >> >> >> >> >>  |
|||||||||||||||||||||||
Other interesting topics