Trusting network shares in Visual Studio 2010 / .NET 4.0 - by DSell

Status : 

  Fixed<br /><br />
		This item has been fixed in the current or upcoming version of this product.<br /><br />
		A more detailed explanation for the resolution of this particular item may have been provided in the comments section.

Sign in
to vote
ID 604282 Comments
Status Closed Workarounds
Type Bug Repros 8
Opened 9/23/2010 5:22:21 PM
Access Restriction Public


I work for the CS department of an educational institution where each student's "My Documents" folder is redirected to a network share. Their profiles are deleted after they log off, so we encourage them to use this share to store projects and whatnot instead of saving to the local machine. Our classic problem with this has been the CAS policy's distrust of network shares. In VS 2008 and earlier, running caspol would allow us to set up a trust relationship:

E.G: caspol.exe -m -pp off -ag 1.2 -url file://\\UNC\path\* FullTrust

However, when we upgraded to VS2010, this command no longer worked. I've spent a bunch of time exploring VS config files and looking into the loadFromRemoteSources element, but I've been without any luck. I've tried inserting loadFromRemoteSources enabled="true" into the runtime elements of the following config files without success:


%programfiles%\Microsoft Visual Studio 10.0\Common7\IDE\devenv.exe.config


No matter what I try I still get the "You should only open projects from a trustworthy source" message box when I create a new application or open an application that is stored on our local intranet.

We also get a message a build time when a project is stored on a network location. It states "The following module was built either with optimizations enabled or without debug information". I’m not sure if this has to do with a trust issue, or if our settings are incorrect, but when I move the project to a local drive the message disappears. 

I have only tested this with simple VB.NET based Windows forms, and have not tried building anything that accesses information outside of itself yet, but I'd imagine that would be hindered by not being considered "fully trusted"
Sign in to post a comment.
Posted by hobbsenigma on 5/17/2013 at 6:37 AM
Years later, this is still not fixed. Please reopen.
Posted by MrBeatnik on 6/13/2011 at 2:29 AM
Hi, this is closed but about 10 months later I still receive this problem with VS2010 SP1 installed.
How can we make a UNC path (network intranet share) a trusted source for opening automatically when deployed to multiple PCs from a network admin share?

As mentioned, the caspol command does not seem to work?
Posted by Ion [MSFT] on 10/29/2010 at 7:17 PM
Hi Derek, this is on our plans to be fixed in the next release of Visual Studio.

Posted by DSell on 10/2/2010 at 12:48 PM
Well thank you for looking into it at least. For now we will tell the users in our environment to save their projects on portable media until we hear more about a viable solution from your end.

Posted by Dan [MSFT] on 10/1/2010 at 5:39 PM
Derek - sorry, I had forgotten that this will be triggered not only by originating from the internet (which would allow you to hit UNblock) but also in some other cases, like I think, being on a network share, in the temp or downloads directory.
I don't know a way to switch that off wholesale, I"m afraid. You are supposed to be able to do it with
Tools>Options>Projects and Solutions>Warn user when project location is not trusted
But embarrassingly, this doesn't seem to function.
I"m leaving this bug active to fix that for the next version. Meanwhile I'm afraid you'll have to keep clicking through the dialog for the first time you open a particular solution.

Posted by DSell on 9/24/2010 at 10:34 AM
The problem with the first suggestion is that we're not only trying to supress the message, but we want to avoid any issues that would crop up with our student's solutions being not "fully trusted".

I have also searched the properties of every file and folder in one of the problem solutions I created, and I did not see an "Unblock" button on any of them.

We also would like a fix that we can roll out to all instances of Visual Studio 2010 running on our network in the same way we had with caspol in Visual Studio 2008 and earlier. Telling our students to perform a tweak for each project they create is not a desirable solution. Is there a way to create a remotely deployable fix for 2010?
Posted by Dan [MSFT] on 9/24/2010 at 9:50 AM
Hi Derek
To avoid the message, you can either (1) just agree to load; this should suppress the message for whenever you open the project as part of that solution as the same user on the same machine; or (2) go to windows explorer, right click on the project file, choose Properties, look at the bottom of the General tab, if there's an Unblock button click on that. You might need to do this for any .user file next to the project as well.
Let me know if that works.
Posted by Microsoft on 9/23/2010 at 10:36 PM
Thank you for reporting the issue.
We are routing this issue to the appropriate group within the Visual Studio Product Team for triage and resolution.These specialized experts will follow-up with your issue.