I've been playing around lately with various VM solutions on my Mac - my goal was to get an environment where I can run Vista and VS2008 in the VM, but have the source code on my host drive. That way, I can browse the source without needing to boot a VM, plus it gets included in my backups (both TimeMachine & Crashplan).
I've tried 3 different VM providers - VMWare, Parallels & VirtualBox, with mixed results. All three offer a Shared Folders feature, that automatically shares directories from the host as if they were network shares. However, for both VMWare & VirtualBox there was a problem. My company uses TFS for pretty much everything, and the Team Explorer client within Visual Studio didn't like these shares for some reason. Trying to do pretty much anything resulted in an "Unexpected error code 1" message.
They did work using a regular network share (i.e., sharing my host directory over SMB, and then connecting to the from the guest), but I didn't much like that approach; for one, I imagine there's some additional processing overhead, and secondly since my host is a laptop it's IP address is regularly changing as I move around, causing issues with my share on the Windows side. I'm sure I could have got something working, but it sounded like a PITA.
Parallels, however, worked like a treat. Just setup the shared folder, and TFS is quite happy with it. The next problem comes when you try to load a project into Visual Studio. It responds with
The project location is not trusted:
z:\project
Running the application may result in security exceptions when it attempts to perform actions which require full trust.
Now, if you google you'll find a ton of hits about this, and about how to solve it. One of the best is here - in particular, this chap actually explains what everything means. Here's the command that you need:
caspol.exe -m -ag 1.2 -url file://\\.psf/Projects/* FullTrust
Note that it doesn't matter if you are loading the code directly from the share (\\.psf\Projects in this case) or from a drive letter mapped to the share; both equate to the same thing internally.
The key thing in this command is the "-ag 1.2" - that's saying that the share is to be as a child of group 1.2. What's group 1.2? Well, if you run
caspol -lg
you'll get an output something like this:
1. All code: Nothing
1.1. Zone - MyComputer: FullTrust
1.1.1. StrongName - 0024000...: FullTrust
1.1.2. StrongName - 00000000000000000400000000000000: FullTrust
1.2. Zone - Intranet: LocalIntranet
1.2.1. All code: Same site Web
1.2.2. All code: Same directory FileIO - 'Read, PathDiscovery'
1.3. Zone - Internet: Internet
1.3.1. All code: Same site Web
1.4. Zone - Untrusted: Nothing
1.5. Zone - Trusted: Internet
1.5.1. All code: Same site Web
Here, you are seeing the list of groups that are currently setup. Note that the top level groups (1.1, 1.2 etc) correspond to the Internet Explorer zone settings. When the access policy is being processed, the first step taken is to determine the zone that the code is coming from (MyComputer, Intranet etc). Once this is done, only the policies within that zone are then examined to determine the level of trust that the code has. So adding your new FullTrust setting to group 1.2 only makes any difference if the \\.psf\project share is considered to be part of the Intranet zone. If it's not in that zone, then your new rule will just be ignored.
How do you know what zone your code is in? Load up Explorer, and then browse to the share. The zone will be shown in the status bar at the bottom:
Given this setup (which appears to be the default for a VM within Parallels), I need to do:
caspol.exe -m -ag 1.5 -url file://\\.psf/Projects/* FullTrust
to add my new rule to the Trusted zone. Anything else will have no effect. The vast majority of the posts out there on using caspol for network shares don't mention this, so hopefully this will help someone out!