Terminal Server problem

M

Michael ValeCruz

We have a .NET application compiled as a Windows executable running in a
Client/Server environment. We use CASPOL to setup the LocalIntranet security
to allow our program to run. We have run into two Terminal Servers that
cannot execute our program except when logged in as Administrator. What is
preventing the other terminal Server users from running the application?

I would appreciate any comments please.

Michael ValeCruz
Atlanta
 
N

Nicole Calinoiu

Exactly what caspol command(s) are you running, and how is the caspol
execution being launched?
 
M

Michael ValeCruz

where are running it thru calls to createprocess:

%windir%\Microsoft.NET\Framework\v1.1.4322\caspol -pp off
%windir%\Microsoft.NET\Framework\v1.1.4322\caspol -machine -addgroup
LocalIntranet_Zone -strong -file o:\ga\progs\OmniNPad.exe -noname -noversion
FullTrust -name "MMM Code"
%windir%\Microsoft.NET\Framework\v1.1.4322\caspol -pp on

We did not know a way to programmatically accomplish this. On the terminal
Server the install program was executed thru add\remove programs.

Would a server reboot make a difference?
 
N

Nicole Calinoiu

Michael ValeCruz said:
where are running it thru calls to createprocess:
Click to expand...

That's not quite what I meant. What triggers all this? (e.g.: one-time
script run manually by an admin, startup script, login script, etc.)

%windir%\Microsoft.NET\Framework\v1.1.4322\caspol -pp off
%windir%\Microsoft.NET\Framework\v1.1.4322\caspol -machine -addgroup
LocalIntranet_Zone -strong -file
o:\ga\progs\OmniNPad.exe -noname -noversion
FullTrust -name "MMM Code"
%windir%\Microsoft.NET\Framework\v1.1.4322\caspol -pp on
Click to expand...

Can you see the new code group in the machine policy when you run
mscorcfg.msc on the problem
machines? If so, could it be that users other than Administrator have
user-level policy settings on these machines that override this full trust
grant?


We did not know a way to programmatically accomplish this.
Click to expand...

There's a way, but it's hardly worth the bother since it's subject to much
the same set of problems as using caspol.

On the terminal
Server the install program was executed thru add\remove programs.
Click to expand...

Does this mean that the caspol run was triggered from the installer?

Would a server reboot make a difference?
Click to expand...

Very, very unlikely.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ClickOnce application on terminal server 1
Terminal server and framework v.1.1 .... 1
Terminal Windows Server 2003 1
BCM instalation in terminal services mode 1
.NET apps on Terminal Server 4
Possible to share memory between terminal server apps? 1
Windows Terminal Services 2
Terminal Server License Server 1

Top