我正在开发一个 C# 工具,该工具可以自动执行对 AzureInformationProtection 客户端的 PowerShell 调用。
main函数中的代码如下:
if (Path.GetExtension(f) != ".msg")
{
VerboseOutput("Info", "operations:file:scanning:file is not an email");
// grab file public properties and retrieve file owner
string FileOwner = RetrieveFileOwner(f);
VerboseOutput("Info", "operations:file:scanning:file owner found " + FileOwner);
// // 4. Check if owner member firm matches
if (MemberFirmMatch(FileOwner))
{
// 3. If MF matches, invoke decryption routine
VerboseOutput("Info", "operations:file:decrypting:start");
DecryptFile2(f, DestinationPath);
}
else
{
// 7. If member firm DOES NOT match DO NOT decrypt
VerboseOutput("Info", "operations:file:skipping:member firm does not match");
Globals.SKIPPED_FILES += 1;
}
}
为了说明,该RetrieveFileOwner函数的代码如下:
// method to retrieve a file owner by leveraging Get-AIPFileStatus command
private static string RetrieveFileOwner(string FilePath)
{
try
{
using (PowerShell PowerShellInstance = PowerShell.Create())
{
// use "AddScript" to add the contents of a script file to the end of the execution pipeline.
// use "AddCommand" to add individual commands/cmdlets to the end of the execution pipeline.
string cmd = String.Format("Get-AIPFileStatus -File \"{0}\"", FilePath);
PowerShellInstance.AddScript(cmd);
// invoke execution on the pipeline (collecting output)
Collection<PSObject> PSOutput = PowerShellInstance.Invoke();
if (PowerShellInstance.Streams.Error.Count > 0)
{
Console.WriteLine(PowerShellInstance.Streams.Error[0].Exception.ToString());
return "";
}
// loop through each output object item
foreach (PSObject outputItem in PSOutput)
{
// if null object was dumped to the pipeline during the script then a null
// object may be present here. check for null to prevent potential NRE.
if (outputItem.Members["RMSOwner"].Value != null)
{
return outputItem.Members["RMSOwner"].Value.ToString();
}
}
PowerShellInstance.Dispose();
return "";
}
}
catch (System.Exception exception)
{
Console.WriteLine("Error:operations:file:decrypting:" + exception.Message.Replace("\n", ""));
return "";
}
}
以类似的方式,代码DecryptFile2如下:
// method to decrypt a protected file by leveraging Unprotect-RMSFile command
private static void DecryptFile2(string FilePath, string DestinationPath)
{
try
{
using (PowerShell PowerShellInstance = PowerShell.Create())
{
// use "AddScript" to add the contents of a script file to the end of the execution pipeline.
// use "AddCommand" to add individual commands/cmdlets to the end of the execution pipeline.
string cmd = String.Format("Unprotect-RMSFile -File \"{0}\" -OutputFolder \"{1}\"", FilePath, DestinationPath);
PowerShellInstance.AddScript(cmd);
PowerShellInstance.Invoke();
if (PowerShellInstance.Streams.Error.Count > 0)
{
Console.WriteLine(PowerShellInstance.Streams.Error[0].Exception.ToString());
}
VerboseOutput("Info", "operations:file:decrypting:ok");
}
}
catch (System.Exception exception)
{
Console.WriteLine("Error:operations:file:decrypting:" + exception.Message.Replace("\n", ""));
}
}
但是,当我运行代码时,会返回以下错误:
Microsoft.InformationProtection.Powershell.RMS.Logging.RMSException: Error decrypting test.ptxt--C:\Users\edoardogerosa\
AppData\Local\Temp\RMSProtection\1fdgsa3e.0ut\4zirtfo5.rfl\test.ptxt with error: Cannot change thread mode after it is set. HRESULT: 0x80010106
at Microsoft.InformationProtectionAndControl.SafeNativeMethods.ThrowOnErrorCode(Int32 hrError)
at Microsoft.InformationProtection.Powershell.Core.Protection.FileProtection.IsProtected(FileSystemInfo file)
at Microsoft.InformationProtection.Powershell.Core.Protection.Decryptor.DecryptFile(Component component, FileSystemInfo file, FileUnProtectionConfig config)
at Microsoft.InformationProtection.Powershell.Core.Protection.Decryptor.Decrypt(Component component, FileUnProtectionConfig config)
我一直在努力解决这个错误好几个小时都无济于事。即使将PowerShellInstance.Invoke();DecryptFile2 方法中的调用更改为PowerShellInstance.BeginInvoke();也不能解决问题。
感谢您提供的任何帮助。