Windowsserverdocs: Bug in Makeprofile.ps1 script

Created on 5 Feb 2019  Â·  9Comments  Â·  Source: MicrosoftDocs/windowsserverdocs

On running the makesprofile.ps1scriptit throws up numerous errors. It is specifically has issues in the section

$ProfileNameEscaped = $ProfileName -replace ' ', '%20'

$ProfileXML = ''' + $ProfileXML + '''

$ProfileXML = $ProfileXML -replace '<', '<'
$ProfileXML = $ProfileXML -replace '>', '>'
$ProfileXML = $ProfileXML -replace '"', '"'

I have downloaded an older TechNet guide https://gallery.technet.microsoft.com/always-on-vpn-deployment-e681bc7d

In this guide the script is different and does not throw errors such as $ProfileNamedEscaped = $ProfileName -replace ' ', '%20'

I suspect there is an issue with the script uploaded on the webpage.

The older PowerShell will generate a set of scripts, but when I try and create a VPN profile it says

Unable to remove existing outdated instance(s) of AlwaysOnVPN profile: Access is denied

Can someone confirm where a correct script is located. I would then be able troubleshoot the profile creation


Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

Pri2 windows-server-thresholprod

Most helpful comment

The relevant section should look like this here:
These are single quotes and not double quotes!!!

$Script = '$ProfileName = ''' + $ProfileName + '''
$ProfileNameEscaped = $ProfileName -replace '' '', ''%20''

$ProfileXML = ''' + $ProfileXML + '''

$ProfileXML = $ProfileXML -replace ''<'', ''<''
$ProfileXML = $ProfileXML -replace ''>'', ''>''
$ProfileXML = $ProfileXML -replace ''"'', ''"''

$nodeCSPURI = ''./Vendor/MSFT/VPNv2''
$namespaceName = ''root\cimv2\mdm\dmmap''
$className = ''MDM_VPNv2_01''

All 9 comments

This script worked completely fine for me - Thanks.
The 'access is denied' issue sounds related to local admin privileges - Make sure you're running powershell / ISE as an administrator.

  • And also if necessary: - manually delete any created profiles (excluding Template) from your VPN settings

We have managed to get the profile on the machine. There is definitely an issue with the script currently on the website. When I replaced the lines of code with errors with ones from an earlier script, it works fine

Agreed!
Sorry I don't think I was very clear in my first response - The script you provided in the link worked fine for me, the one listed on the MS page didn't.
Hopefully they'll amend it soon.

The relevant section should look like this here:
These are single quotes and not double quotes!!!

$Script = '$ProfileName = ''' + $ProfileName + '''
$ProfileNameEscaped = $ProfileName -replace '' '', ''%20''

$ProfileXML = ''' + $ProfileXML + '''

$ProfileXML = $ProfileXML -replace ''<'', ''<''
$ProfileXML = $ProfileXML -replace ''>'', ''>''
$ProfileXML = $ProfileXML -replace ''"'', ''"''

$nodeCSPURI = ''./Vendor/MSFT/VPNv2''
$namespaceName = ''root\cimv2\mdm\dmmap''
$className = ''MDM_VPNv2_01''

3 Month ago and noone from M$ seem to care changing this in the documentation. Does anybody read the feedback here ?

An extra ' is required on line:
$Script = '$ProfileName = ''' + $ProfileName + '''
to become: $Script = '$ProfileName = ''' + $ProfileName + ''''
As the trailing quote has been omitted in the sample.

There are multiple syntax errors in the powershell script, these can all be alleviated if you encapsulate the XML content into an array.

I have done this and pulled branch to master, see below for working version

https://github.com/frasercarter/windowsserverdocs/blob/07cf38bcc1f67d847c2e297b1fa5a9e436076949/WindowsServerDocs/remote/remote-access/vpn/always-on-vpn/deploy/vpn-deploy-client-vpn-connections.md

I'm pretty sure all the issues seen here are because of the script being embedded in a web page, one quotes being re-formatted and the bits in the line "$ProfileXML -replace" being interpreted as HTML rather than the actual escape characters. For instance, this is what some of the comments suggest using which obviously doesn't make sense - these lines essentially do nothing, because the browser has interpreted the escape codes that should be there.

$ProfileXML = $ProfileXML -replace ''<'', ''<''
$ProfileXML = $ProfileXML -replace ''>'', ''>''
$ProfileXML = $ProfileXML -replace ''"'', ''"''

Hopefully this helps someone out. Link to raw script on github
https://raw.githubusercontent.com/davelee212/powershell-general/master/always-on-vpn-profile/create-csp-and-script-for-deployment.ps1

Was this page helpful?
0 / 5 - 0 ratings

Related issues

gynnantonix picture gynnantonix  Â·  5Comments

carlosmayol picture carlosmayol  Â·  4Comments

jdrch picture jdrch  Â·  3Comments

wilsonnkwan picture wilsonnkwan  Â·  4Comments

yoshihirok picture yoshihirok  Â·  4Comments