generator.py
#!/usr/bin/python
# Kai Howells
#
import os
import sys
import uuid
import optparse
from munkilib import FoundationPlist
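def build_plist(sharedSecret, username, password, company, server, override):
    """Build the dictionary for an L2TP VPN configuration profile.

    Args:
        sharedSecret: IPSec shared secret for the L2TP server.
        username: PPP account name.
        password: PPP account password.
        company: Organisation name; used in the display names and,
            lower-cased with spaces removed, in the payload identifiers.
        server: Hostname or IP address of the VPN endpoint.
        override: Value stored as IPv4 OverridePrimary.

    Returns:
        A dict holding one "com.apple.vpn.managed" payload wrapped in a
        top-level "Configuration" payload.

    The returned structure carries sharedSecret and password in clear
    text, so anything written from it has to be treated as a credential.
    """
    profile_uuid = str(uuid.uuid4())
    vpn_uuid = str(uuid.uuid4())

    # Derive the identifier slug once so the outer and inner payload
    # identifiers agree; previously only the outer one had spaces removed.
    org_slug = company.lower().replace(" ", "")
    profile_identifier = (
        "com.apple.mdm." + org_slug + ".private." + profile_uuid + ".alacarte"
    )
    display_name = company + " VPN"

    vpn_payload = dict(
        DisconnectOnIdle=0,
        IPSec=dict(
            AuthenticationMethod="SharedSecret",
            OnDemandEnabled=0,
            PromptForVPNPIN=False,
            # TODO: this should be a data object rather than a string (it
            # would then appear base64-encoded in the plist). It is left
            # as a plain string because no data object is built here.
            SharedSecret=sharedSecret,
        ),
        IPv4=dict(
            OverridePrimary=override,
        ),
        PPP=dict(
            AuthName=username,
            AuthPassword=password,
            AuthenticationMethod="Password",
            CommRemoteAddress=server,
            OnDemandEnabled=0,
        ),
        PayloadDisplayName="VPN (" + company + ")",
        PayloadEnabled=True,
        PayloadIdentifier=profile_identifier + ".vpn." + vpn_uuid,
        PayloadType="com.apple.vpn.managed",
        PayloadUUID=vpn_uuid,
        PayloadVersion=1,
        Proxies=dict(),
        UserDefinedName=display_name,
        VPNType="L2TP",
    )

    return dict(
        PayloadContent=[vpn_payload],
        PayloadDisplayName=display_name,
        PayloadIdentifier=profile_identifier,
        PayloadOrganization=company,
        PayloadRemovalDisallowed=False,
        PayloadScope="User",
        # Was misspelled "Configuratrion"; the top-level payload type of a
        # configuration profile is "Configuration".
        PayloadType="Configuration",
        PayloadUUID=profile_uuid,
        PayloadVersion=1,
    )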
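def write_plist(plist,filename):
    """Write the profile dictionary to filename as a property list.

    The profile holds the VPN password and shared secret in clear text, so
    the process umask is tightened while FoundationPlist writes: a file
    created by this call gets no group or other permissions. The previous
    umask is restored afterwards, also when the write raises.

    Args:
        plist: Profile dictionary, as returned by build_plist.
        filename: Destination path of the .mobileconfig file.
    """
    # NOTE(review): if filename already exists, whether its current mode
    # survives depends on how FoundationPlist replaces the file - confirm.
    previous_umask = os.umask(0o077)
    try:
        FoundationPlist.writePlist(plist, filename)
    finally:
        os.umask(previous_umask)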
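def main():
    """Parse the command line, build the VPN profile and write it to disk.

    Required options: --username, --password, --secret, --company, --vpn.
    An optional positional argument names the output file; without it the
    profile is written to "<company> VPN for <username>.mobileconfig" in
    the current working directory.

    Exits with status 0 after printing usage when called without any
    argument, and with status 1 after printing help when a required
    option is missing.
    """
    usage = """usage: %prog [options] [/path/to/profile.mobileconfig]
Creates a configuration profile, profile.mobileconfig
To configure a L2TP VPN on a macOS machine without needing
to have Profile Manager running on a macOS Server just to
build some basic configuration profiles.
"""
    parser = optparse.OptionParser(usage=usage)
    parser.add_option('--username', '-u',
                      help='The username for the L2TP VPN Server.')
    # NOTE(review): --password and --secret are read from argv, so both
    # values are exposed in the process list and in shell history.
    parser.add_option('--password', '-p',
                      help='The password for the L2TP VPN Server.')
    parser.add_option('--secret', '-s',
                      help='The shared secret for the L2TP VPN Server.')
    parser.add_option('--company', '-c',
                      help='The company name for the generated Configuration Profile.')
    parser.add_option('--vpn', '-v',
                      help='The IP Address or hostname of the VPN Endpoint.')
    parser.add_option('--override', '-o', action="store_true", dest="override",
                      help='Configures the VPN to send all network traffic through this connection')

    if len(sys.argv) == 1:
        parser.print_usage()
        # sys.exit instead of the site-provided exit(), which is meant for
        # the interactive interpreter.
        sys.exit(0)

    options, arguments = parser.parse_args()

    required = (options.username, options.password, options.secret,
                options.company, options.vpn)
    if not all(required):
        parser.print_help()
        # Incomplete input is a failure; report it through the exit status.
        sys.exit(1)

    company = options.company
    username = options.username
    # store_true leaves the option as None when the flag is absent.
    override = bool(options.override)

    if arguments:
        mobileConfig = arguments[0]
    else:
        mobileConfig = os.getcwd() + "/" + company + " VPN for " + username + ".mobileconfig"

    plist = build_plist(options.secret, username, options.password,
                        company, options.vpn, override)
    write_plist(plist, mobileConfig)
    # Report success only once the file has been written.
    print("Created Configuration Profile: " + mobileConfig)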
# Run the command-line interface only when executed as a script, not on import.
if __name__ == "__main__":
    main()