Well, first off: let me put the blame squarely on the developers of the .NET framework for making it next to impossible to start an administrative tool over an intranet path. There should be a limit to paranoia when it comes to not trusting applications – a limit crossed when apps started explicitly by a human user with administrative privileges are not allowed to execute, in the name of security! Fortunately, there are solutions and workarounds, and typically NWSAPSetupAdmin.exe will recommend one to you. If it doesn’t, here are a couple of things that help almost everyone.
(These steps are also documented in Note # 1169612.)
Step 1: Reduce IE-based restrictions on Zone ‘Intranet’ to Low
- Switch to Tab “Security”
- Select Zone “Local Intranet”
- Click button “Custom Level”
- Reset custom settings to “Low”.
- Click button “Reset”. You will be prompted, click “Yes”.
- Click “OK” to close both windows.
The steps above are reflected in this screenshot .
Step II: Make .NET trust your network path</p><p>Execute command-line:<br />”%windir%\Microsoft.NET\Framework\v2.0.50727\caspol.exe” -m -ag 1.2 -url file:”<network path>\setup\*” FullTrust</p><p><network path> here is the network share path to the root of the installation server.</p><p>You will be prompted by CASPOL, type “Yes” (without quotes) and press enter.</p><p>Now start NWSAPSetupAdmin.exe from the network path.<br />Proceed to Step III only if this step fails without a guiding message.</p><p> </p><p>Step III: Switch OFF .NET Security temporarily
You need to do this only if Step II was unsuccessful.
“%windir%\Microsoft.NET\Framework\v2.0.50727\caspol.exe” -security off
Allow CASPOL to run in the background, and start NWSAPSetupAdmin.exe from the network path. When done with administering the installation server, return to the CASPOL window.