NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

Special attributes of code groups

Exclusive: flag that means only the specified permission set should be allowed for members of the group, ignoring any other permission sets from other matching groups; it is an error for code to belong to more than one group with this attribute.

LevelFinal: flag that indicates no policy levels below the one containing this code group should be considered when checking code group membership and granting permissions. For example, if this flag is set for a code group at the machine level and some code matches the membership condition of this code group then the user level policy would not be applied to the code.