Help

Script: Remove VPN from network services in OS X

Not applicable

Posted on ‎04-25-2013 03:08 PM

I wrote this script to remove the VPN services within the Network settings of System Preferences. Unfortunately using the networksetup command was problematic in that it wouldn't allow the removal of the last of a service on IPv4 and simply disabling the services wasn't good enough for me. To work around this issue I had to resort to modifying the /Library/Preferences/SystemConfiguration/preferences.plist file directly.

I removed the VPN services because our company moved to a client-based VPN service that is not compatible with the built-in services of OS X. To prevent users from attempting to access the old VPN services, I felt it was best to remove them.

Fortunately, all of the VPN services we deployed included "VPN" as part of the name. This is important because the script looks for the string "VPN" in the service name in order to identify it for removal. If your system utilizes a different naming convention, you may have to modify the script below. 

#!/bin/sh

#   this script was written to remove vpn network services for osx
#   author:     Andrew Thomson
#   date:       05-26-13

#   make sure only root can run this script
if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root" 1>&2
   exit 1
fi

#   set path to preference file
theFilePath="/Library/Preferences/SystemConfiguration/preferences.plist"

#   make a backup copy of the preference file
if [ -e $theFilePath ]; then
    /bin/cp -f $theFilePath $theFilePath.bak
else
    echo Preference file not found.
    exit 1
fi

#   find network services keys -- assumes consistent file structure
theServiceKeys=`/usr/bin/xpath $theFilePath  "/plist/dict/dict[1]/key" | awk '{gsub("<key>","")};1' | awk '{gsub("</key>","
")};1'`

#   enumerate keys to identify VPN network services
for theService in $theServiceKeys
do
    theDefinedName=`/usr/libexec/PlistBuddy -c "Print :NetworkServices:$theService:UserDefinedName" $theFilePath`

    #   does this key contain a VPN service?
    isVPN=`echo $theDefinedName | grep -q VPN; echo $?`

    #   if VPN service is found, delete corrosponding key 
    if [ $isVPN == 0 ]; then
        /usr/libexec/PlistBuddy -c "Delete :NetworkServices:$theService" $theFilePath
        /usr/libexec/PlistBuddy -c Save $theFilePath
    fi
done
Reply
0 REPLIES 0