Making Changes Manually
Although the .NET Configuration tool provides a nice interface, it isn't always the best way to automate changes to multiple systems. You don't have to use the .NET Configuration tool to edit policies for a system. The configuration files are actually XML-based, so you can edit them with any good XML editor. In fact, the Visual Studio .NET IDE reads these files without any problem. If you prefer a command-line approach, you can use the CasPol utility to make any required changes.
The enterprise, application domain, and machine-level configuration files appear in the following folder:
WINDOWS\Microsoft.NET\Framework\<Version Number>\CONFIG
The user information appears in this folder:
Documents and Settings\<User Name>\Application Data\Microsoft\CLR Security Config\<Version Number>
By changing entries in these folders using an external application, you can create new policies to manage your applications.
Relying on the Wizards
The Administrative Tools folder of the Control Panel also contains a Microsoft .NET Framework 1.1 Wizards entry. Open this entry to access three wizards that can greatly reduce the amount of work you need to perform for specific tasks:
Adjust .NET Security lets you change overall .NET security. The first page of this wizard asks whether the change affects the entire machine or just the current user. You can then choose settings for each of the standard zones: My Computer, Local Intranet, Internet, Trusted Sites, and Untrusted Sites. The final page shows the changes you've made.
Trust an Assembly lets you modify the trust level of a specific assembly. The first page of this wizard asks whether the change affects the computer as a whole or just the current users. The second page requests the application name and location. On the third page, you define which assemblies are affected by the change (the current assembly or the current and subordinate assemblies). Finally, you set the assembly trust level.
Fix an Application attempts to restore an application to working order by checking its manifest for missing assemblies. This feature relies on the use of restore points and generally works when the affected system has the required files available but has suffered a configuration change.