The first question is really an office politics question, so here goes. When developers use frameworks like LLBLGen, DBAs get worried because now developers have control. With respect to .NET Security Demands you would think that Network Admins would be happy because now developers can demand that users have certain permissions to run an application. IMO as an architect & developer, this ability is a huge benefit especially when writing apps that work with unmanaged code. However, I am now demanding who can and cannot run the application and what their permissions must be.

Have any of you ever had the opportunity to work with system administrators that find this concept repulsive and are intimidated by this loss of control? If so, what was the result?

The second question is much simpler. Can you administer GAC Binding Policies using Active Directory Group Policy Settings? i.e. add or update an assembly binding policy redirect based on the users of a role or organizational unit?