Udostępnij za pośrednictwem


How to enable users to download infected files when a download scan that is performed by using anti-virus software is disabled?

Microsoft.SharePoint.Administration.SPAntivirusSettings.AllowQuarantinedFileDownload

This particular API has a new public Boolean property exposed AllowQuarantinedFileDownload. We can see this public Boolean property only if you have installed Post SP1 rollup. You can get it from the below links.

Post SP1 rollup :

WSS :   https://support.microsoft.com/kb/941422

MOSS :   https://support.microsoft.com/kb/941274

SP1 :

Windows SharePoint Services 3.0 Service Pack 1 (SP1) https://www.microsoft.com/downloads/details.aspx?familyid=4191A531-A2E9-45E4-B71E-5B0B17108BD2&displaylang=en

The 2007 Microsoft Office Servers Service Pack 1 (SP1) https://www.microsoft.com/downloads/details.aspx?familyid=AD59175C-AD6A-4027-8C2F-DB25322F791B&displaylang=en

This new property has been exposed for introducing a design change to enable users to download infected files when a download scan that is performed by using antivirus software is disabled. We can see that information documented in this KB.

Description of the Windows SharePoint Services 3.0 hotfix package: May 8, 2008

https://support.microsoft.com/?id=952288

We can’t set up this configuration through UI in MOSS Central Administration site. But whatever configuration setups showing below screen shot, we can setup it through SharePoint object model.

clip_image002

Please check below MSDN link for getting more information about all the member of SPAntivirusSettings.

https://msdn.microsoft.com/en-us/library/microsoft.sharepoint.administration.spantivirussettings_members.aspx

Information about the new public member will include soon in MSDN.

Now we can see in which situation we have to use this property. First we need to understand when and why we need to use this property. This property is used to enable users to download infected files when a download scan that is performed by using antivirus software is disabled.

Whenever we make the property as “false” then all the documents blocked by a download scan are still considered blocked even if download scanning is later turned off. By default it will be false. And if you we make this property as “true”, and if downloading scanning are disabled, earlier download scan results are not considered and then we can download those files.

Since this particular situation is rare, you can setup this one only through code. If you have Windows PowerShell installed in your SharePoint server, then you can even write the same script in PS to enable this feature.

Below I am giving a sample code which I have developed for a .NET console based application to toggle the setup of AllowQuarantinedFileDownload.  

    1: using System;
    2:  
    3: using System.Collections.Generic;
    4:  
    5: using System.Text;
    6:  
    7: using Microsoft.SharePoint.Administration;
    8:  
    9:  
   10: namespace AllowQurantinedFileDownloadTool
   11: {
   12:     class Program
   13:     {        
   14:  
   15:         static void Main(string[] args)
   16:         {
   17:  
   18:             SPWebService service = SPWebService.ContentService;
   19:  
   20:             Console.WriteLine(@"Previous values: Allow quarantine download= {0} Download scan enabled {1}", service.AntivirusSettings.AllowQuarantinedFileDownload, service.AntivirusSettings.DownloadScanEnabled);
   21:  
   22:             //toggle
   23:  
   24:             service.AntivirusSettings.AllowQuarantinedFileDownload = !service.AntivirusSettings.AllowQuarantinedFileDownload;
   25:  
   26:             service.Update();
   27:  
   28:             Console.WriteLine(@"New values: Allow quarantine download= {0} Download scan enabled {1}", service.AntivirusSettings.AllowQuarantinedFileDownload, service.AntivirusSettings.DownloadScanEnabled);
   29:  
   30:             Console.WriteLine("Operation has been completed successfully ..."); 
   31:  
   32:         }
   33:     } 
   34:  
   35: }

Comments