Is there a tool that lets me validate effective code access security rather than just the list specifications like caspol does? A review tool, if you like.
We have a problem where a 3rd party application fails to load .NET assemblies on a network drive. In order to have the drive available on service level, the drive is mapped using LGP, alternatively using symlink (and before anyone points that out; no we can't use unc paths :-)) to make the drive available machine wide. If we map the drive in this convoluted fashion the application fails with a missing trust. If we map the drive in a normal fashion in the current user context, the assemblies load just fine. With either mapping method, the trusted paths are exactly the same. But the result of the check is obviously not. Therefor I am looking for a tool that can validate trusts. I am absolutely convinced that such a tool must exist but I simply cannot seem to find one.
Commenter Hans Passant hits the nail on the head. CASPOL /ResolveGroup and /ResolvePerm do indeed give me the information needed. The underlying problem remains to be solved but that was outside the scope of this question.