Upgrading our Custom Data Extension from SQL 2000 Reporting Services to 2005
has necessitated dealing with code access security to a new degree. My
extension is actually a complex set of interdependant DLLs:
1. My managed assembly that implements the Data Extension and two delivery
extensions. This calls into...
2. A set of third party UNmanaged DLLs. Via a callback mechanism, these
call into...
3. Another of my managed assemblies.
By doing the following, my Data extension now runs perfectly in the browser
(via the report manager interface):
A. Create a Code Group in the policy config file.
B. Add AllowPartiallyTrustedCallers attribute to all my managed assemblies
C. Put my assemblies in the GAC
While my extension now works in the browser, it fails when run as a
scheduled report. My managed assembly #1 and the unmanaged DLLs #2 seem to
load, but in the log files I see:
Could not load file or assembly <my managed assembly #3, above> Failed to
grant minimum permission requests. (Exception from HRESULT: 0x80131417)
So I guess my question comes down to this: Why would the code access
security context be different when the report is run on a schedule as
opposed to being run on the server?
Thanks for you help!Hello Stephen,
How about turned off the Caspol by running command caspol -s off?
Also, please try to create a new code group.
1. On the Web server, open Administrative Tools, and then double-click
Microsoft
.NET Framework Configuration 2.0.
2. Expand Runtime Security Policy, expand Machine, and then expand Code
Groups.
3. Right-click All_Code, and then click New.
4. Select Create a new code group. Give your code group a relevant name,
such as
the name of the applications share.
5. Click Next.
6. In the Choose the condition type for this code group list, select GAC.
7. Click Next. On the next page, select Use an existing permission set, and
then
8. select FullTrust.
9. Click Next, and then click Finish.
Once these steps have been done, plese turn off the caspol and restart the
server.
Sincerely,
Wei Lu
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================(This posting is provided "AS IS", with no warranties, and confers no
rights.)|||I can not do "caspol -s off" in this environment, but I believe your other
comments have pointed me in the right direction. Thanks!
"Wei Lu [MSFT]" <weilu@.online.microsoft.com> wrote in message
news:1krHN%23KzGHA.4340@.TK2MSFTNGXA01.phx.gbl...
> Hello Stephen,
> How about turned off the Caspol by running command caspol -s off?
> Also, please try to create a new code group.
> 1. On the Web server, open Administrative Tools, and then double-click
> Microsoft
> NET Framework Configuration 2.0.
> 2. Expand Runtime Security Policy, expand Machine, and then expand Code
> Groups.
> 3. Right-click All_Code, and then click New.
> 4. Select Create a new code group. Give your code group a relevant name,
> such as
> the name of the applications share.
> 5. Click Next.
> 6. In the Choose the condition type for this code group list, select GAC.
> 7. Click Next. On the next page, select Use an existing permission set,
> and
> then
> 8. select FullTrust.
> 9. Click Next, and then click Finish.
> Once these steps have been done, plese turn off the caspol and restart the
> server.
> Sincerely,
> Wei Lu
> Microsoft Online Community Support
> ==================================================> Get notification to my posts through email? Please refer to
> http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
> ications.
> Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
> where an initial response from the community or a Microsoft Support
> Engineer within 1 business day is acceptable. Please note that each follow
> up response may take approximately 2 business days as the support
> professional working with you may need further investigation to reach the
> most efficient resolution. The offering is not appropriate for situations
> that require urgent, real-time or phone-based interactions or complex
> project analysis and dump analysis issues. Issues of this nature are best
> handled working with a dedicated Microsoft Support Engineer by contacting
> Microsoft Customer Support Services (CSS) at
> http://msdn.microsoft.com/subscriptions/support/default.aspx.
> ==================================================> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment