I'd like to call caspol from within a script inside a custom action in an msi (setup project). I'd prefer a standard msi to ClickOnce, because with a standard msi I can install drivers & associate filetypes with our application whereas with ClickOnce I can't.

When I execute the caspol command from the command line it succeeds, but from within vbscript it always fails with the error "Fehler: Unbekannte Mitgliedschaftsbedingung - -url.." - which translates as "Error: Unknown membership condition: -url". To further clarify: A copy & paste of the generated command works fine on the command line directly on the local drive of a virgin virtual machine, as local administrator, as part of a workgroup.

I have two ideas: 1. I'm no vbscript king, so maybe I've missed quotes or made some other sort of syntax error. 2. Caspol recognises that I'm running it from within a script and halts with an intentionally nonsensical error.

Personally, I believe it's just a dumb syntax error.

Here's my script:

set sh = CreateObject("Wscript.Shell")
Set fso = CreateObject("Scripting.FileSystemObject")

dim command
dim location
dim retVal

location = fso.GetFile(Wscript.ScriptFullName).ParentFolder

'%windir%\microsoft.net\framework\v2.0.50727\caspol.exe -pp off -m -addgroup 1 –url file://COMPUTER/SHARE/* FullTrust -name sbw2
command = fso.GetSpecialFolder(0) & "\microsoft.net\framework\v2.0.50727\caspol.exe -pp off -m -ag 1 –url file://"
for each s in Split(location, "\")
        if Len(s) > 0 then
                command = command & s & "/"
        end if
next
command = command & "* FullTrust -name sbw2"

'DEBUG
'command = fso.GetSpecialFolder(0) & "\microsoft.net\framework\v2.0.50727\caspol.exe -m -ag 1 –url file://mjlaptop/sbw2/* FullTrust"
Wscript.StdOut.WriteLine VbClrf
Wscript.StdOut.WriteLine command
Wscript.StdOut.WriteLine VbClrf

Set output = sh.Exec(command)

dim text
while Not output.StdOut.AtEndOfStream
        text = text & output.StdOut.Read(1)
Wend
Wscript.StdOut.WriteLine text

Thanks in advance,

Matt

No that's not it. Even with command = command & """" at the end of all that string concatenation.

Copy & pasted from your answer into my code:

"C:\WINDOWS\microsoft.net\framework\v2.0.50727\caspol.exe -pp off -m -ag 1 -url "file://mjlaptop/sbw2/*" FullTrust -name sbw2

\\mjlaptop\sbw2\setpolicy.vbs(32, 1) WshShell.Exec: Das System kann die angegebene Datei nicht finden.

It's missing a quote. And now, adding a closing quotation mark, as I guess you intended:

"C:\WINDOWS\microsoft.net\framework\v2.0.50727\caspol.exe" -pp off -m -ag 1 -url "file://mjlaptop/sbw2/*" FullTrust -name sbw2

Microsoft (R) .NET Framework CasPol 2.0.50727.42
Copyright (c) Microsoft Corporation. Alle Rechte vorbehalten.

Fehler: Unbekannte Mitgliedschaftsbedingung - -url..

That's the error as given in my original post. You're right: the command is valid. That the command is valid isn't the problem. I can copy and paste the bloody echo into a command window and it'll execute successfully. I can stick as many quotes in there as you like, and I reckon it'll still complain about the "unknown membership condition" though.

I'll try to make my replies in comments.

Change url formatting of url in command to \\mjlaptop\sbw2* for some reason, formatted as "file://..." won't work. With or without quotes.

This uid (yossarian) belongs to me (Matt Jacobsen) too. I'd had to use the above as claimid was down for maintennance.

"C:\WINDOWS\microsoft.net\framework\v\caspol" -pp off -m -ag 1 -url "file://mjlaptop/sbw2/*" FullTrust -name sbw2

Microsoft (R) .NET Framework CasPol 2.0.50727.42 Copyright (c) Microsoft Corporation. Alle Rechte vorbehalten.

Fehler: Unbekannte Mitgliedschaftsbedingung - -url..

using the v instead of the whole file name allows the code to search caspol in every version folder.