forked from TomislavPeharec/Azure-VPN-Configuration
azurevpnclientconnectionimport.ps1
<#
.SYNOPSIS
    Import VPN configuration from rasphone.pbk file into Azure VPN Client
.DESCRIPTION
    The script creates the rasphone.pbk file holding the VPN configuration used by Azure VPN Client, which gives the client a new VPN connection ready to be used. It checks whether the client's LocalState folder already exists and creates it if it's missing. If you run the script multiple times, the old rasphone.pbk file is renamed rather than deleted, so it stays available as a backup. A log / transcript tracks all actions performed by the script and captures possible errors.

    * HOW TO USE SCRIPT WITH INTUNE? *
    1. Take file "azurevpnconfig.xml" containing your custom VPN configuration and import it manually to your Azure VPN Client using the command "AzureVpn.exe -i azurevpnconfig.xml" run from CMD
    2. When you run the command, file rasphone.pbk will be created in "C:\Users\$UserName\AppData\Local\Packages\Microsoft.AzureVpn_8wekyb3d8bbwe\LocalState" - this file contains the actual configuration used by VPN client
    3. Open rasphone.pbk file with Notepad and copy the whole content (CTRL + A) to variable $PBKFileDetails
    4. Save the script
    5. Run it from PowerShell ISE, it should create two files in "C:\Users\$UserName\AppData\Local\Packages\Microsoft.AzureVpn_8wekyb3d8bbwe\LocalState":
        NewAzureVPNConnectionLog_$Date - Log/Transcript of the processed steps in the script (for example "NewAzureVPNConnectionLog_05-05-2020_12_23_05.log")
        rasphone.pbk - File serving as a "bridge" for VPN configuration, configuration is not visible in Azure VPN Client without this file
    6. When you determine that VPN connection is working successfully, upload the script to Intune and insert your clients in the scope (choose "Yes" when determining "Run this script using the logged on credentials")
.LINK
    https://github.com/Peha1906
#>
# DEFINE DETAILS WHICH WILL BE INJECTED TO PBK FILE
$PBKFileDetails = 'PASTE BETWEEN THE QUOTATION MARKS CONTENT OF YOUR RASPHONE.PBK FILE'
# OBTAIN USERNAME OF THE LOGGED IN USER
# (ONLY THE FIRST EXPLORER.EXE IS USED, SO THE RESULT IS A SINGLE STRING EVEN WHEN SEVERAL EXPLORER PROCESSES ARE RUNNING)
$UserName = (Get-WmiObject -Class Win32_Process -Filter 'Name="explorer.exe"' | Select-Object -First 1).GetOwner().User
# CLEAR VARIABLE
$SecondFolderLog = $Null
#========================================#
# === FIRST FOLDER PROCESSING START ==== #
#========================================#
# CREATE FOLDER IF IT DOESN'T EXIST
$RequiredFolder = "C:\Users\$UserName\AppData\Local\Packages\Microsoft.AzureVpn_8wekyb3d8bbwe\LocalState"
$CheckRequiredFolder = Test-Path $RequiredFolder
if ($CheckRequiredFolder -eq $false)
{
    # CREATE REQUIRED FOLDER
    New-Item $RequiredFolder -ItemType Directory | Out-Null
    # SET LOG LOCATION
    $LogLocation = "$RequiredFolder\NewAzureVPNConnectionLog_$(Get-Date -Format 'dd-MM-yyyy_HH_mm_ss').log"
    # START TRANSCRIPT
    Start-Transcript -Path $LogLocation -Force -Append
    # WRITE TO LOG
    Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] Required folder $RequiredFolder was created on the machine since it wasn't found."
    # CREATE EMPTY PBK FILE
    New-Item "$RequiredFolder\rasphone.pbk" -ItemType File | Out-Null
    # WRITE TO LOG
    Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been created in $RequiredFolder."
    # POPULATE PBK FILE WITH CONFIGURATION DATA
    Set-Content "$RequiredFolder\rasphone.pbk" $PBKFileDetails
    # WRITE TO LOG
    Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been populated with configuration details."
    # STOP TRANSCRIPT
    Stop-Transcript | Out-Null
}
# IN CASE THE FOLDER ALREADY EXISTS
else
{
    # SET LOG LOCATION
    $LogLocation = "$RequiredFolder\NewAzureVPNConnectionLog_$(Get-Date -Format 'dd-MM-yyyy_HH_mm_ss').log"
    # START TRANSCRIPT
    Start-Transcript -Path $LogLocation -Force -Append
    # WRITE TO LOG
    Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] Folder $RequiredFolder already exists, that means that Azure VPN Client is already installed."
    # CHECK IF RASPHONE.PBK FILE ALREADY EXISTS
    $CheckRasphoneFile = Test-Path "$RequiredFolder\rasphone.pbk"
    if ($CheckRasphoneFile -eq $false)
    {
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk doesn't exist in $RequiredFolder."
        # CREATE EMPTY PBK FILE
        New-Item "$RequiredFolder\rasphone.pbk" -ItemType File | Out-Null
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been created in $RequiredFolder."
        # POPULATE PBK FILE WITH CONFIGURATION DATA
        Set-Content "$RequiredFolder\rasphone.pbk" $PBKFileDetails
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been populated with configuration details."
        # STOP TRANSCRIPT
        Stop-Transcript | Out-Null
    }
    else
    {
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk already exists in $RequiredFolder."
        # RENAME OLD RASPHONE.PBK FILE (KEPT AS BACKUP); THE NAME IS BUILT ONCE SO THE LOG MATCHES THE FILE ON DISK
        $BackupName = "rasphone.pbk_$(Get-Date -Format 'ddMMyyyy-HHmmss')"
        Rename-Item -Path "$RequiredFolder\rasphone.pbk" -NewName $BackupName
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been renamed to $BackupName. This file contains old configuration if it will be required in the future (in case it is, just rename it back to rasphone.pbk)."
        # CREATE NEW RASPHONE.PBK FILE
        New-Item "$RequiredFolder\rasphone.pbk" -ItemType File | Out-Null
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] New rasphone.pbk file has been created in $RequiredFolder."
        # POPULATE PBK FILE WITH CONFIGURATION DATA
        Set-Content "$RequiredFolder\rasphone.pbk" $PBKFileDetails
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been populated with configuration details."
        # STOP TRANSCRIPT
        Stop-Transcript | Out-Null
    }
}
#========================================#
# === FIRST FOLDER PROCESSING STOP ===== #
#========================================#
#========================================#
# === SECOND FOLDER PROCESSING START === #
#========================================#
$SecondUserFolder = "C:\Users\$UserName.$env:userdomain"
$CheckSecondFolder = Test-Path $SecondUserFolder
# CHECK IF SECOND USER FOLDER EXISTS - IF NO
if ($CheckSecondFolder -eq $false)
{
    # START TRANSCRIPT
    Start-Transcript -Path $LogLocation -Force -Append -IncludeInvocationHeader
    # WRITE TO LOG
    Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] Folder $SecondUserFolder doesn't exist."
    # STOP TRANSCRIPT
    Stop-Transcript | Out-Null
}
# IF SECOND USER FOLDER EXISTS, CREATE NECESSARY FOLDER
else
{
    $SecondUserFolderPath = "$SecondUserFolder\AppData\Local\Packages\Microsoft.AzureVpn_8wekyb3d8bbwe\LocalState"
    $CatchSecondFolderPath = Test-Path $SecondUserFolderPath
    if ($CatchSecondFolderPath -eq $true)
    {
        # SET LOG LOCATION
        $LogLocationSecondFolder = "$SecondUserFolderPath\NewAzureVPNConnectionLog_$(Get-Date -Format 'dd-MM-yyyy_HH_mm_ss').log"
        # START TRANSCRIPT
        Start-Transcript -Path $LogLocationSecondFolder -Force -Append
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] Folder $SecondUserFolder exists."
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] Folder $SecondUserFolderPath already exists."
        # CHECK IF RASPHONE.PBK FILE ALREADY EXISTS
        $CheckRasphoneFileSecondUserFolderPath = Test-Path "$SecondUserFolderPath\rasphone.pbk"
        if ($CheckRasphoneFileSecondUserFolderPath -eq $true)
        {
            # WRITE TO LOG
            Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk already exists in $SecondUserFolderPath."
            # RENAME OLD RASPHONE.PBK FILE (KEPT AS BACKUP); THE NAME IS BUILT ONCE SO THE LOG MATCHES THE FILE ON DISK
            $BackupNameSecondFolder = "rasphone.pbk_$(Get-Date -Format 'ddMMyyyy-HHmmss')"
            Rename-Item -Path "$SecondUserFolderPath\rasphone.pbk" -NewName $BackupNameSecondFolder
            # WRITE TO LOG
            Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been renamed to $BackupNameSecondFolder. This file contains old configuration if it will be required in the future (in case it is, just rename it back to rasphone.pbk)."
            # CREATE EMPTY PBK FILE
            New-Item "$SecondUserFolderPath\rasphone.pbk" -ItemType File | Out-Null
            # WRITE TO LOG
            Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] New rasphone.pbk file has been created in $SecondUserFolderPath."
            # POPULATE PBK FILE WITH CONFIGURATION DATA
            Set-Content "$SecondUserFolderPath\rasphone.pbk" $PBKFileDetails
            # WRITE TO LOG
            Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been populated with configuration details."
            # STOP TRANSCRIPT
            Stop-Transcript | Out-Null
        }
        else
        {
            # CREATE EMPTY PBK FILE
            New-Item "$SecondUserFolderPath\rasphone.pbk" -ItemType File | Out-Null
            # WRITE TO LOG
            Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] New rasphone.pbk file has been created in $SecondUserFolderPath."
            # POPULATE PBK FILE WITH CONFIGURATION DATA
            Set-Content "$SecondUserFolderPath\rasphone.pbk" $PBKFileDetails
            # WRITE TO LOG
            Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been populated with configuration details."
            # STOP TRANSCRIPT
            Stop-Transcript | Out-Null
        }
    }
    else
    {
        # CREATE NEW FOLDER FIRST, SO THE TRANSCRIPT BELOW HAS AN EXISTING DIRECTORY TO BE WRITTEN TO
        New-Item $SecondUserFolderPath -ItemType Directory -Force | Out-Null
        $CatchSecondFolderPath = $SecondUserFolderPath
        # SET LOG LOCATION
        $LogLocationSecondFolder = "$SecondUserFolderPath\NewAzureVPNConnectionLog_$(Get-Date -Format 'dd-MM-yyyy_HH_mm_ss').log"
        # START TRANSCRIPT
        Start-Transcript -Path $LogLocationSecondFolder -Force -Append
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] Folder $SecondUserFolder exists."
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] Path $SecondUserFolderPath didn't exist, so it was created."
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] Folder $CatchSecondFolderPath has been created."
        # CREATE EMPTY PBK FILE
        New-Item "$SecondUserFolderPath\rasphone.pbk" -ItemType File | Out-Null
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] New rasphone.pbk file has been created in $SecondUserFolderPath."
        # POPULATE PBK FILE WITH CONFIGURATION DATA
        Set-Content "$SecondUserFolderPath\rasphone.pbk" $PBKFileDetails
        # WRITE TO LOG
        Write-Output "[$(Get-Date -Format 'dd-MM-yyyy_HH:mm:ss')] File rasphone.pbk has been populated with configuration details."
        # STOP TRANSCRIPT
        Stop-Transcript | Out-Null
    }
}
#========================================#
# === SECOND FOLDER PROCESSING STOP ==== #
#========================================#
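
A post-deployment check for the file this script writes, as an added example that is not part of the original script: it parses the INI-style rasphone.pbk text into entries and reports every difference between the intended content and what is on disk, so drift or an edited connection entry is visible. The function names and the sample entry, keys and host names are assumptions constructed for illustration.

```powershell
# Added example (not from the original repository). Function names are hypothetical.
function ConvertFrom-Pbk {
    param([string]$Text)
    # rasphone.pbk is INI-style: "[EntryName]" headers followed by Key=Value lines.
    # Keys can repeat within an entry, so each entry keeps its lines as a list.
    $entries = [ordered]@{}
    $current = $null
    foreach ($raw in ($Text -split "`r?`n")) {
        $line = $raw.Trim()
        if ($line -match '^\[(.+)\]$') {
            $current = $Matches[1]
            $entries[$current] = New-Object 'System.Collections.Generic.List[string]'
        }
        elseif ($current -and $line -match '^[^=]+=') {
            $entries[$current].Add($line)
        }
    }
    return $entries
}

function Compare-PbkContent {
    param([string]$Expected, [string]$Deployed)
    $exp = ConvertFrom-Pbk -Text $Expected
    $dep = ConvertFrom-Pbk -Text $Deployed
    $findings = New-Object 'System.Collections.Generic.List[string]'
    foreach ($name in $exp.Keys) {
        if (-not $dep.Contains($name)) {
            $findings.Add("Entry [$name] is missing from the deployed file")
            continue
        }
        foreach ($l in $exp[$name]) {
            if ($dep[$name] -cnotcontains $l) { $findings.Add("[$name] expected but absent: $l") }
        }
        foreach ($l in $dep[$name]) {
            if ($exp[$name] -cnotcontains $l) { $findings.Add("[$name] deployed but not expected: $l") }
        }
    }
    foreach ($name in $dep.Keys) {
        if (-not $exp.Contains($name)) { $findings.Add("Entry [$name] is not in the expected configuration") }
    }
    return $findings
}

# Constructed sample input: one entry whose server address differs on disk.
$expected = "[ExampleVpn]`r`nEncoding=1`r`nPhoneNumber=vpn.example.invalid"
$deployed = "[ExampleVpn]`r`nEncoding=1`r`nPhoneNumber=other.example.invalid"
Compare-PbkContent -Expected $expected -Deployed $deployed
```

Against a real deployment, pass `$PBKFileDetails` as `-Expected` and the output of `Get-Content "$RequiredFolder\rasphone.pbk" -Raw` as `-Deployed`; an empty result means the two agree entry by entry.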