We use the Windows Built-in VPN at my organization and we’re looking to get users off of it. I figure this would be a simple task to just create a fixlet using a single line in cmd.exe to remove it. I can run it through the debugger and it works fine. It even removes the native VPN on my computer. The problem is when I put it in a fixlet and deploy it to a computer for testing, nothing happens. Below is the action script I’m trying to use.
Let me know if you don’t get it figured out, I have some examples I can give you from BigFix for how we manage our Always On VPN entries. As Jason stated some VPN configs are in the user profile and some are in system vpn entries. You can identify the context by whether the vpn profile exists in the rasphone.pbk in %appdata%\Microsoft\Network\Connections\Pbk or C:\ProgramData\Microsoft\Network\Connections\Pbk.
Alright so I checked and it does appear to be set in the user profile. I tried to added currentuser to my action script but it failed with exit code 0. The VPN remains on the computer I was running it on.
I build out another fixlet where I uploaded a .bat file to the root server and then ran it like I would any software install. It shows that it completed successfully with exit code 0 but when I look at the computer I ran it against the VPN remains. The only thing in the .bat file is rasphone -R “NU VPN”, which I can run directly on the computer with no issues and it removes the VPN, so I’m not sure why this is failing…
Completed begin prefetch block
Completed add prefetch item name=94586a0d574a6ed0f9eeabe9e82016afe1c5732e sha1=94586a0d574a6ed0f9eeabe9e82016afe1c5732e size=20 url=SWDProtocol://127.0.0.1:52311/Uploads/94586a0d574a6ed0f9eeabe9e82016afe1c5732e/RemoveVPN.bat.bfswd sha256=1a2c2da88a6128e4cca1693e002446d65c482a5c5ea17acb49447d2d1631a639
Completed end prefetch block
Completed // All SWD files will go into a folder in the clients __BESData folder. This folder gets cleared on every restart.
Completed parameter “baseFolder” = "__Download/"
Completed // Move files into subfolders and unescape file names
Completed move “__Download/94586a0d574a6ed0f9eeabe9e82016afe1c5732e” "{parameter “baseFolder”}RemoveVPN.bat"
Completed override wait
Completed runas=currentuser
Completed wait “__Download\RemoveVPN.bat”
Alright so I’ve made changes based on everyone’s suggestions. Much appreciated, I now have a fixlet that will remove the vpn. Only problem now is that when it runs, PowerShell opens up on the screen and I want to keep that hidden. I’ve tried to change wait to waithidden and match the override command as well but it gives me an error and fails. Is there a way to run the PowerShell script and not have it open PowerShell to the screen?
Hello! glad to have found this here as we needed to delete unuse VPN entries to declutter. i have copied your script and created fixlet out of it but status returned failed. i was wondering if you could share me the bes file for your working one. thank you so much and i appreciate.