I have been working on a script that uses OpenVPN v3's command line to try and import a profile.
But I have hit an issue I can't seem to resolve on my own. When I run the script standalone it works, but I need this to be run via Intune and Company Portal.
When the script runs via Company Portal the logs say that the import was successful, but the OpenVPN Connect app sees nothing. My guess is that the Company Portal has a hidden user that runs the script, so that's where the OpenVPN Connect profile is going.
The script is:

param (
    [string]$OvpnProfilePath,
    [string]$DisplayName
)

# Specify the path to the OpenVPN Connect executable
$openVpnConnectExecutable = "$Env:ProgramFiles\OpenVPN Connect\OpenVPNConnect.exe"

# Build the path to the OpenVPN profile file (.ovpn) located next to this script
$scriptRoot = $PSScriptRoot
$OvpnProfilePath = Join-Path -Path $scriptRoot -ChildPath "$OvpnProfilePath.ovpn"

# Specify the path to the log file for OpenVPN Connect
$openVpnLogFilePath = Join-Path -Path C:\temp -ChildPath "OpenVpnConnectLog.txt"

# Logging
$logFilePath = Join-Path -Path C:\temp -ChildPath "IntuneScriptLog.txt"
Start-Transcript -Path $logFilePath -Append

try {
    Write-Host "Executing script from: $scriptRoot"

    # Set the working directory to the script directory
    Set-Location -Path $scriptRoot

    # Check if OpenVPN Connect executable exists
    if (-not (Test-Path $openVpnConnectExecutable -PathType Leaf)) {
        Write-Host "Error: OpenVPN Connect executable not found at $openVpnConnectExecutable"
        exit 1
    }

    # Check if the OpenVPN profile file exists
    if (-not (Test-Path $OvpnProfilePath -PathType Leaf)) {
        Write-Host "Error: OpenVPN profile file not found at $OvpnProfilePath"
        exit 1
    }

    # Check if OpenVPN Connect is already running
    $openVpnProcess = Get-Process -Name "openvpnconnect" -ErrorAction SilentlyContinue
    if ($null -ne $openVpnProcess) {
        Write-Host "OpenVPN Connect is running. Closing OpenVPN Connect..."
        Stop-Process -Name "openvpnconnect" -Force
        Start-Sleep -Seconds 5 # Allow time for the process to close
    }

    # Start OpenVPN Connect and import the profile, capturing both output streams.
    # The values are quoted so that paths or names containing spaces stay one argument.
    $processStartInfo = New-Object System.Diagnostics.ProcessStartInfo
    $processStartInfo.FileName = $openVpnConnectExecutable
    $processStartInfo.Arguments = "--import-profile=`"$OvpnProfilePath`" --name=`"$DisplayName`""
    $processStartInfo.RedirectStandardOutput = $true
    $processStartInfo.RedirectStandardError = $true
    $processStartInfo.UseShellExecute = $false
    $processStartInfo.CreateNoWindow = $true

    $process = [System.Diagnostics.Process]::Start($processStartInfo)

    # Read stderr asynchronously while stdout is read synchronously; reading both
    # streams one after the other can deadlock if the child fills the unread pipe.
    $errorTask = $process.StandardError.ReadToEndAsync()
    $output = $process.StandardOutput.ReadToEnd()
    $process.WaitForExit()
    $errorOutput = $errorTask.Result

    # Log the output to the OpenVpnConnectLog.txt file
    $output + $errorOutput | Out-File -FilePath $openVpnLogFilePath -Encoding UTF8

    # Check if the import was successful
    if ($process.ExitCode -eq 0) {
        # Create success indicator file
        $successFilePath = Join-Path -Path C:\temp -ChildPath "OpenVpn-SuccessIndicator.txt"
        New-Item -ItemType File -Path $successFilePath -Force | Out-Null
        Write-Host "OpenVPN profile imported successfully. Display Name: $DisplayName"
    } else {
        Write-Host "Failed to import OpenVPN profile. Display Name: $DisplayName"
    }

    # Start OpenVPN Connect
    Start-Process -FilePath $openVpnConnectExecutable
    Write-Host "OpenVPN Connect has been launched."
} catch {
    Write-Host "Error: $_"
} finally {
    # Logging
    Stop-Transcript
}

I have tried everything I know.
The logs say that the import is a success but nothing shows up in the program.
Here you can read about the commands I'm using: https://openvpn.net/vpn-server-resources/command-line-functionality-for-openvpn-connect/
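
A diagnostic for the guess above about which account runs the script, added here as an example and not part of the original post: it records the identity, console user and profile directories of the running process so the two run contexts can be compared. The helper name `Get-ExecutionContextInfo` is hypothetical, and nothing here assumes where OpenVPN Connect stores its profiles.

```powershell
# Added diagnostic (not from the original post): report which account and
# which profile directories this PowerShell process is actually using.
function Get-ExecutionContextInfo {   # hypothetical helper name
    $identity = [System.Security.Principal.WindowsIdentity]::GetCurrent()

    # Interactive console user, if any (empty when nobody is logged on
    # at the console, for example in some remote sessions).
    $consoleUser = (Get-CimInstance -ClassName Win32_ComputerSystem).UserName

    [pscustomobject]@{
        RunningAs      = $identity.Name
        Sid            = $identity.User.Value
        IsSystem       = $identity.IsSystem      # true for LocalSystem (S-1-5-18)
        ConsoleUser    = $consoleUser
        UserProfile    = $env:USERPROFILE
        AppData        = $env:APPDATA
        LocalAppData   = $env:LOCALAPPDATA
        Is64BitProcess = [Environment]::Is64BitProcess
    }
}

$ctx = Get-ExecutionContextInfo
$ctx | Format-List | Out-String | Write-Host

if ($ctx.IsSystem) {
    # Anything the process stores per user goes to the SYSTEM profile.
    Write-Host "Running as LocalSystem: per-user data lands under $($ctx.UserProfile), not in the profile of '$($ctx.ConsoleUser)'."
} elseif ($ctx.ConsoleUser -and $ctx.RunningAs -ne $ctx.ConsoleUser) {
    Write-Host "Running as $($ctx.RunningAs), but the console user is $($ctx.ConsoleUser)."
} else {
    Write-Host "Running as the logged-on user $($ctx.RunningAs)."
}
```

Placed after `Start-Transcript`, the output lands in `IntuneScriptLog.txt`; comparing a standalone run with a Company Portal run shows whether the two use different accounts and profile directories.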