:: Grants full-trust to .NET Framework applications on network paths via
:: assuming the Policy from your Local Intranet security-zone. Beware of KB941001
:: By Mark Fairpo. Save or rename this file extension as MyCasPol.cmd
::
:: See http://samples.gotdotnet.com/quickstart/howto/doc/security/SecScripting.aspx
:: See http://msdn2.microsoft.com/en-us/library/cb6t8dtz(VS.80).aspx
:: See http://en.wikibooks.org/wiki/Guide_to_Windows_commands
::
@prompt=$N$G$S
set dotnetdir=%windir%\Microsoft.NET\Framework
set logfile=%dotnetdir%\CasPol.log
ver >"%logfile%"
@for /R "%dotnetdir%" %%I in (CASPOL.EXE?) do echo [%date%,%time%] Found tool %%I >>"%logfile%"
@for /R "%dotnetdir%" %%I in (CASPOL.EXE?) do "%%I" -quiet -all -reset >>"%logfile%"
@for /R "%dotnetdir%" %%I in (CASPOL.EXE?) do "%%I" -quiet -machine -chggroup LocalIntranet_Zone FullTrust >>"%logfile%"
:: Also trust Compiled Help Module (.CHM) files in the Local Intranet security-zone
echo [%date%,%time%] Add registry from Microsoft KB896054 >>"%logfile%"
REG add "HKLM\SOFTWARE\Microsoft\HTMLHelp\1.x\ItssRestrictions" /v "MaxAllowedZone" /t REG_DWORD /d 1 /F >>"%logfile%"
@prompt=$P$G