We're transitioning our client computers from one JSS to another. As part of this, we have to remove the current MDM profile before running the QuickAdd package to install the new one. We're doing so with the command
profiles -R -p <uuid>. This is successfully getting rid of the MDM profile, as well as all configuration profiles that were installed by the JSS. However, the VPN network service that was created by one of the config profiles still exists. The '-' button to remove it in System Preferences is greyed out and trying to run
networksetup -removenetworkservice <networkservicename> gives the following error:
You cannot remove CCAD VPN 1 because there aren't any other network services on IPv4.
** Error: The parameters were not valid.
@ljungholms Because I need the connection to the old JSS to stay up so that I can use it to push the QuickAdd package for my new JSS. Regardless -removeFramwork doesn't help with the original problem of the VPN network service not being removed along with its config profile.
Thanks for the input.
I ran into this one time. I ended up removing the service from
/Library/Preferences/SystemConfiguration/preferences.plist manually (I think with Xcode) and it was a giant pain.
The fix is probably scriptable - the actual key to remove is somewhat ambiguous, but there's a UserDefinedName in the dictionary which follows, which would help find the correct one.
Well hey, @bvrooman ! Yeah, I figured that was an option, but didn't want to dig through getting the right command to nail just the right key.
Something I've learned: my mistake with this VPN profile was deploying it at the user-level. I did this so that the username field could be pre-filled, but I believe this is what's causing problems with removal. I'm now deploying a new VPN profile at the computer level, and the network service it creates removes just fine when the MDM profile is zapped.
For now I've got a workaround. Once the new VPN profile is installed and there is another service, it lets me remove the old one. I have no idea why it thinks the old VPN service is the only IPv4 service until this occurs, but, oh well!
If you cannot remove the network configuration because you get an error saying it is the only network service on ipv4, click the plus button to add another network configuration, and add one that would be on ipv4 such as 6 to 4, you can then use the terminal command to delete the configuration you were attempting to delete before, and remove the 6 to 4 using the minus button.
I am also running into this issue, and it's driving me nuts. We had to recently push out a full new VPN profile, and now I can delete that one, but the original remains even after removing the profile.
Anyone able to point me in the right direction?
Hi to all,
I have the same problem and have to delete my vpn service from network preferences. I am new to this and need some more specifications. How do I create another service? I created another wifi service.... it did not work.
Do you mean create another VPN service? Thanks for your help.