How to: Remove Code Groups Using Caspol.exe
You can use the Code Access Security Policy tool (Caspol.exe) to remove code groups from code group hierarchies. When you delete a code group that has child code groups, you also delete the child code groups. You cannot copy part of a code group hierarchy to another part of the code group or to another code group hierarchy. Therefore, deleting a parent code group destroys any security behavior that was defined in its child hierarchy.
.gif "Caution note") Caution |
|---|
Because it can strongly affect security, use extreme caution when you delete code groups. |
To remove a code group from a code group hierarchy
Type the following command at the command prompt:
caspol [-enterprise|-machine|-user] –remgroup {label|name}
Specify the policy-level option before the –remgroup option. If you omit the policy-level option, Caspol.exe removes the specified code group hierarchy from the default policy level. For computer administrators, the default level is the machine policy level; for others, it is the user policy level.
The following command deletes the code group labeled 1.1.2..
caspol –remgroup 1.1.2.The following command deletes the code group named MyApp_CodeGroup.
caspol –remgroup MyApp_CodeGroup
See Also
Reference
Caspol.exe (Code Access Security Policy Tool)
Concepts
Other Resources
Configuring Security Policy Using the Code Access Security Policy Tool (Caspol.exe)