Example of a scenario

The same scenario is set out here in PowerShell script and .NET programming.

The administrator of an environment of machines wants a specific folder to be encrypted at all times on user workstations.

When a user logs on to his Windows session, the administrator wishes to:

  • Connect the user to his Stormshield Data Security account (in interactive mode);
  • Ensure that a given folder has been secured with the Security Data Team module (and create it if necessary);
  • Inform the user of what has taken place.

The folder must always be secured using a Team rule and encrypted files.

This scenario can be implemented in the same way in both modes of using the Stormshield Data Connector module.

In both implementations, the configured folder is named "Secured" on the user's desktop.

The administrator can run the PowerShell script or the .NET program when the user's Windows session starts.

PowerShell

$securedFolder = Join-Path ([Environment]::GetFolderPath('Desktop')) 'Secured'

[Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms')

try
{
  Connect-SDSUser -Interactive
  
  $report = ''
  
  if (-not (Test-Path -Path "$securedFolder"))
  {
    New-Item -Path "$securedFolder" -Type Directory | Out-Null
    $report += ("Folder '$securedFolder' has been created." + [Environment]::NewLine)
  }
  
  try
  {
    $rule = Get-SDSTeamRule -Path "$securedFolder"
  }
  catch [Stormshield.DataSecurity.Connector.Team.RuleNeedUpdateException]
  {
  }
  if ($rule -ne $null -and $rule.Secured -eq $false)
  {
    New-SDSTeamRule -Path "$securedFolder"
    $report += ("Rule has been created on folder '$securedFolder'." + [Environment]::NewLine)
  }
  
  Protect-SDSTeam -Path "$securedFolder"
  $report += ("Folder '$securedFolder' has been protected." + [Environment]::NewLine)
  
  [Windows.Forms.MessageBox]::Show($report)
}
catch
{
  [Windows.Forms.MessageBox]::Show($_.Exception)
}

.NET

using Stormshield.DataSecurity.Connector;
using Stormshield.DataSecurity.Connector.Common;
using Stormshield.DataSecurity.Connector.Kernel;
using Stormshield.DataSecurity.Connector.Team;

namespace SecuredFolder
{
  static class Program
  {
    private static string SecuredFolder = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.Desktop), "Secured");

    static void Main()
    {
      string value = ConfigurationManager.AppSettings["SecuredFolder"];
      if (!string.IsNullOrEmpty(value))
        SecuredFolder = value;

      try
      {
        using (Stormshield.DataSecurity.Connector.API api = new Stormshield.DataSecurity.Connector.API())
        {
          api.Execute("Connect-SDSUser -Interactive");

          string report = string.Empty;

          if (!Directory.Exists(SecuredFolder))
          {
            Directory.CreateDirectory(SecuredFolder);
            report += string.Format("Folder '{0}' has been created.{1}", SecuredFolder, Environment.NewLine);
          }

          object[] objects = null;
          try
          {
            objects = api.Execute(string.Format("Get-SDSTeamRule -Path '{0}'", SecuredFolder));
          }
          catch (Stormshield.DataSecurity.Connector.Team.RuleNeedUpdateException)
          {
          }
          if (objects != null && objects.Length == 1)
          {
            RuleInfoData rule = objects[0] as RuleInfoData;
            if (!rule.Secured)
            {
              api.Execute(string.Format("New-SDSTeamRule -Path '{0}'", SecuredFolder));
              report += string.Format("Rule has been created on folder '{0}'.{1}", SecuredFolder, Environment.NewLine);
            }
          }

          api.Execute(string.Format("Protect-SDSTeam -Path '{0}'", SecuredFolder));
          report += string.Format("Folder '{0}' has been protected.{1}", SecuredFolder, Environment.NewLine);

          MessageBox.Show(report);
        }
      }
      catch (System.Exception exception)
      {
        MessageBox.Show(exception.ToString());
      }
    }
  }
}