The current .NET policy does not permit the customization to run.

dotnet framework


  • 1. Making a PIA from an imported typelib
    I have a very custom case where a typelib relies on another typelib that does not have a PIA. We want to make our interop for our typelib a PIA. We cannot change our typelib at all (interfaces are cemented), so the decision was to modify the interop assembly created from our type lib to manually remove this dependency on the referenced non PIA type lib. 1. I ILDASM'd the interop to IL. 2. Modified the IL appropriately to remove dependence on other non PIA interop. 3. Rebuild with ILASM and some questions... Now to put it back into an interop that is designated as primary? Can I hand enter the metadata that makes it a PIA? How do I make my interop (rebuilt with ILASM) a PIA? I can see that it offers signing capability, but didn't see anyhting to mark it a PIA? If it is simple metadata I can enter it by hand in the IL. THanks -- Brian R.
  • 2. Returning char* as string
    As I understood, when returning System.String with interop, .NET tries to delete it with CoTaskMemFree(). But, this char* points to permanent part of memory, and should not be deleted. Is it possible to disable this behaviour (with some marshal attribute maybe)? I know I can return IntPtr, but I want cleaner solution if possible ;)

The current .NET policy does not permit the customization to run.

Postby UG9sYXJCZWFycw » Fri, 25 Aug 2006 00:28:02 GMT

I am used to developing ASP.NET apps, but have begun to test creating a Word 
App with an Actions Pane, using Visual Studio Tools for Office 2005.  On the 
development machine, no problem.  Deployment is another matter however.  I 
continue to get the message listed in the Subject above - "The current .NET 
policy does not permit the customization to run."

I tried the Walkthrough: Granting and Removing Permissions for an Office 
Solution - which works fine for enabling and disabling on the development 
machine, but does not carry over to deployment.

The End User machines will have .NET 2.0 but not the graphic configuration 
in the control panel that 1.1 does, because these will not have the SDK.  I 
did try adding full trust to the assembly with CASPOL at the command line, 
and apparently did give the assembly full trust, but I still get the error.  
It recommended adding the app to the GAC, but I do not see the utility to do 
that after searching the machine.  

What I'm looking for is a way to deploy office apps in which varying users 
at different locations with varying degrees of computer skill, can quickly 
and painlessly install or copy the apps that I have developed.  Any ideas?



Re: The current .NET policy does not permit the customization to run.

Postby Cindy M. » Fri, 25 Aug 2006 01:26:51 GMT

Hi Danny,

Best place to get help with VSTO installation is the forum or newsgroup


FWIW, it does sound like a security issue...

Cindy Meister
INTER-Solutions, Switzerland
 http://www.**--****.com/ (last update Jun 17 2005)

This reply is posted in the Newsgroup; please post any follow question or reply 
in the newsgroup and not by e-mail :-)

Similar Threads:

1.the current .NET security policy does not permit the customization

2.The annoying VSTO 2003 message "The current .NET security policy does not permit....."

I need some serious help please. I keep getting this annoying message
"The current .NET security policy does not permit............" when I
deploy my VSTO 2003 project dll in a test machine and try to run it
from the browser. The browser actually calls an Excel file which inturn
call the dll. The dll propoerties are correctly set in the Excel
Template file within the File/Properties/Custom tab. Please note that
when I double-click the Excel file from the hard drive folder,
everything works fine.

I tried all the different security settings in the .NET 1.1
configuration tool (Trust me, you name a setting, I've tried it) and
none of them seem to help. I invariably get the same message.
[FullTrust has been given to the assembly from the machine where I'm
calling the assembly from]. I even have tried adjusting my browser

Can someone please help. I've tried all sorts of blogs, web sites,
microsofts suggessted security settings and none of them seem to help.
It's driving me nuts and I have a deadline that is approaching soon.


3.C# client / wse3.0 policy problem: Policy '' is not configured


I'm currently workin on a c# client which connect to heterogenous 
webservices (PHP/java/...).

I need security (auth/sign/encrypt) so i started using wse3.0 for C#.

I've added a web reference to the webservice and configured the wse3.0 with 
the wizzard as follow:
_ secure a client app
_ username auth (in code)
_ enable ws sec 1.1 (sign encrypt)
_ taking a certificate from current computer (could i define one in code?)

I have the following code calling the WS:
  WSEForm.localhost.ProjectWebServicesWse PWS = new 
  UsernameToken token = new UsernameToken("test", "test", 

When i run it, I get an exception about :
Parameter name: Policy 'testPolicy' is not configured in the system

I just can't find any help on the net yet, if anyone has an idea about how 
to get a C# .NET client speak soap secured messages?


4.WSE Policy Problem - The message does not conform to the policy it was mapped to

EDIT: The exception is thrown only when I use my own UsernameTokenManager...

Any ideas?

5.Cannot run .Net app from network drive (System.Security.Policy.PolicyException)

I cannot get my C# .Net application to run from a network 
folder.  I get a "Just-In-Time Debugging" dialog box 
which states:  "An 
exception 'System.Security.Policy.PolicyException' has 
occurred in MyApp.exe.

I'm fairly certain that this is occurring because .Net is 
running my application in the LocalIntranet_Zone which 
only has limited rights.  I believe that I have to 
configure my application using "Administrative Tools > 
Microsoft .Net Framework 1.1 Configuration", however, 
that's where I get lost.  How exactly do I configure it?  
I was able to create a new fulltrust "code group" 
under "Runtime Security Policy > Machine > Code Groups > 
All_Code", but I don't see where I can associate my 
application with this new code group.  I know you can add 
your application  to the "Applications" section, but I 
don't see where I tell it which "code group" to use.

Anyone know how to do this?  Microsoft needs a step-by-
step article for this stuff.

6. .NET 1.1 security policies not functioning when .NET 2.0 is installed

7. Crystal Report Run-Time customization

Return to dotnet framework


Who is online

Users browsing this forum: No registered users and 31 guest