Posted on 04-10-2020 10:37 AM
The Cisco AnyConnect VPN Client version 4.8.01090 package installs successfully on a test Mac from a policy created in Jamf. However, how do I include the two .xml files into the VPN package so users can retrieve a VPN Cert from the SCEP server and choose which geographical VPN server to choose? The two .xml files need to be placed in the /opt/cisco/anyconnect/profile location. What's the most expedient way to do this?
Posted on 04-10-2020 11:26 AM
Installing Components of Cisco AnyConnect 4.7
That post talks about using the -applyChoiceChangesXML
flag for the installer
binary to install just portions of AnyConnect (rather than everything like DART, etc). Using a postinstall
script you call the installer after placing the AnyConnect PKG in a temp location.
You can use the postinstall
to also move the XML files into the proper locations. Just add the XML to the temp location and add the lines in the postinstall
to move the files into their final destination.
Hopefully that gives you an idea of where to start.
Posted on 04-10-2020 01:21 PM
My approach was to put into /var/tmp 1)the vanilla VPN.pkg, 2) the choices.xml file for the Apple installer, and 3) another signed installer I made that places the 2 Cisco customized XML files into /opt/cisco/anyconnect/profile. Use Composer to package these into a signed package by dragging from /var/tmp, and use the post install script to call the command line installer binary for both packages like
/usr/sbin/installer -target / -pkg /var/tmp/vpn.pkg -applyChoiceChangesXML /var/tmp/vpnchoices.xml
/usr/sbin/installer -target / -pkg /var/tmp/vpncustomxml.pkg
So the "outside" installer will just put the 2 packages and vpnchoices.xml into /var/tmp. Then the post install script will use the command line installer tool to properly run both .pkg files.