deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Updated XSD based on examples and reformatted examples to pass XML validation

Browse Source
This commit is contained in:
Leo D'Arcy 2020-04-26 23:29:49 +01:00
parent d73a5e78e0
commit eae738d664
1 changed files with 205 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

325
windows/client-management/mdm/vpnv2-profile-xsd.md
View File

@ -14,12 +14,10 @@ ms.date: 02/05/2018
# ProfileXML XSD # ProfileXML XSD
Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some profile examples. Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some profile examples.
## XSD for the VPN profile ## XSD for the VPN profile
```xml ```xml
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
@ -51,15 +49,15 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
<xs:element name="APNBinding" minOccurs="0" maxOccurs="1"> <xs:element name="APNBinding" minOccurs="0" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="ProviderId" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="ProviderId" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="AccessPointName" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="AccessPointName" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="UserName" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="UserName" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="Password" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="Password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="IsCompressionEnabled" type="xs:boolean" minOccurs="0" maxOccurs="1"/> <xs:element name="IsCompressionEnabled" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="AuthenticationType" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="AuthenticationType" type="xs:string" minOccurs="0" maxOccurs="1"/>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
@ -89,7 +87,7 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
<xs:element name="AppTrigger" minOccurs="0" maxOccurs="1"> <xs:element name="AppTrigger" minOccurs="0" maxOccurs="unbounded">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="App" minOccurs="1" maxOccurs="1"> <xs:element name="App" minOccurs="1" maxOccurs="1">
@ -115,7 +113,13 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
<xs:element name="TrafficFilter" minOccurs="0" maxOccurs="unbounded"> <xs:element name="TrafficFilter" minOccurs="0" maxOccurs="unbounded">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="App" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="App" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="Id" type="xs:string" minOccurs="1" maxOccurs="1"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="Claims" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="Claims" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="Protocol" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="Protocol" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="LocalPortRanges" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="LocalPortRanges" type="xs:string" minOccurs="0" maxOccurs="1"/>
@ -148,23 +152,25 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</xs:element> </xs:element>
<xs:element name="Authentication" minOccurs="1" maxOccurs="1"> <xs:element name="Authentication" minOccurs="1" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:choice>
<xs:element name="UserMethod" type="xs:string" minOccurs="0" maxOccurs="1" /> <xs:sequence>
<xs:element name="UserMethod" type="xs:string" minOccurs="0" maxOccurs="1" />
<xs:element name="Eap" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="Configuration" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element xmlns:q1="http://www.microsoft.com/provisioning/EapHostConfig" ref="q1:EapHostConfig" />
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:element name="MachineMethod" type="xs:string" minOccurs="0" maxOccurs="1" /> <xs:element name="MachineMethod" type="xs:string" minOccurs="0" maxOccurs="1" />
<xs:element name="Eap" minOccurs="1" maxOccurs="1"> </xs:choice>
<xs:complexType>
<xs:sequence>
<xs:element name="Configuration" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element xmlns:q1="http://www.microsoft.com/provisioning/EapHostConfig" ref="q1:EapHostConfig" />
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
@ -175,6 +181,7 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
<xs:sequence> <xs:sequence>
<xs:element name="Address" type="xs:string" minOccurs="1" maxOccurs="1"/> <xs:element name="Address" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="PrefixSize" type="xs:unsignedByte" minOccurs="1" maxOccurs="1"/> <xs:element name="PrefixSize" type="xs:unsignedByte" minOccurs="1" maxOccurs="1"/>
<xs:element name="ExclusionRoute" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
@ -186,17 +193,79 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
## Native profile example ## Native profile example
```xml
```
<VPNProfile> <VPNProfile>
<EdpModeId>corp.contoso.com</EdpModeId>
<RememberCredentials>true</RememberCredentials>
<AlwaysOn>false</AlwaysOn>
<DnsSuffix>corp.contoso.com</DnsSuffix>
<TrustedNetworkDetection>contoso.com</TrustedNetworkDetection>
<Proxy>
<AutoConfigUrl>Helloworld.Com</AutoConfigUrl>
<Manual>
<Server>HelloServer</Server>
</Manual>
</Proxy>
<DeviceCompliance>
<Enabled>true</Enabled>
<Sso>
<Enabled>true</Enabled>
<Eku>This is my Eku</Eku>
<IssuerHash>This is my issuer hash</IssuerHash>
</Sso>
</DeviceCompliance>
<AppTrigger>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
</AppTrigger>
<AppTrigger>
<App>
<Id>C:\windows\system32\ping.exe</Id>
</App>
</AppTrigger>
<DomainNameInformation>
<DomainName>hrsite.corporate.contoso.com</DomainName>
<DnsServers>1.2.3.4,5.6.7.8</DnsServers>
<WebProxyServers>5.5.5.5</WebProxyServers>
<AutoTrigger>true</AutoTrigger>
</DomainNameInformation>
<DomainNameInformation>
<DomainName>.corp.contoso.com</DomainName>
<DnsServers>10.10.10.10,20.20.20.20</DnsServers>
<WebProxyServers>100.100.100.100</WebProxyServers>
</DomainNameInformation>
<TrafficFilter>
<App>
<Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id>
</App>
<Protocol>6</Protocol>
<LocalPortRanges>10,20-50,100-200</LocalPortRanges>
<RemotePortRanges>20-50,100-200,300</RemotePortRanges>
<RemoteAddressRanges>30.30.0.0/16,10.10.10.10-20.20.20.20</RemoteAddressRanges>
<RoutingPolicyType>ForceTunnel</RoutingPolicyType>
</TrafficFilter>
<TrafficFilter>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
<LocalAddressRanges>3.3.3.3/32,1.1.1.1-2.2.2.2</LocalAddressRanges>
</TrafficFilter>
<NativeProfile> <NativeProfile>
<Servers>testServer.VPN.com</Servers> <Servers>testServer.VPN.com</Servers>
<RoutingPolicyType>SplitTunnel</RoutingPolicyType>
<NativeProtocolType>IKEv2</NativeProtocolType> <NativeProtocolType>IKEv2</NativeProtocolType>
<DisableClassBasedDefaultRoute>true</DisableClassBasedDefaultRoute>
<Authentication> <Authentication>
<UserMethod>Eap</UserMethod> <UserMethod>Eap</UserMethod>
<MachineMethod>Eap</MachineMethod>
<Eap> <Eap>
<Configuration> <Configuration>
<EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig"> <EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
<EapMethod> <EapMethod>
<Type xmlns="http://www.microsoft.com/provisioning/EapCommon">25</Type> <Type xmlns="http://www.microsoft.com/provisioning/EapCommon">25</Type>
@ -263,8 +332,6 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</Configuration> </Configuration>
</Eap> </Eap>
</Authentication> </Authentication>
<RoutingPolicyType>SplitTunnel</RoutingPolicyType>
<DisableClassBasedDefaultRoute>true</DisableClassBasedDefaultRoute>
</NativeProfile> </NativeProfile>
<Route> <Route>
@ -275,6 +342,43 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
<Address>10.10.0.0</Address> <Address>10.10.0.0</Address>
<PrefixSize>16</PrefixSize> <PrefixSize>16</PrefixSize>
</Route> </Route>
</VPNProfile>
```
## Plug-in profile example
```xml
<VPNProfile>
<!--<EdpModeId>corp.contoso.com</EdpModeId>-->
<RememberCredentials>true</RememberCredentials>
<AlwaysOn>false</AlwaysOn>
<DnsSuffix>corp.contoso.com</DnsSuffix>
<TrustedNetworkDetection>contoso.com,test.corp.contoso.com</TrustedNetworkDetection>
<DeviceTunnel>false</DeviceTunnel>
<RegisterDNS>false</RegisterDNS>
<Proxy>
<AutoConfigUrl>Helloworld.Com</AutoConfigUrl>
<Manual>
<Server>HelloServer</Server>
</Manual>
</Proxy>
<APNBinding>
<ProviderId></ProviderId>
<AccessPointName></AccessPointName>
<UserName></UserName>
<Password></Password>
<IsCompressionEnabled>true</IsCompressionEnabled>
<AuthenticationType></AuthenticationType>
</APNBinding>
<PluginProfile>
<ServerUrlList>testserver1.contoso.com;testserver2.contoso..com</ServerUrlList>
<CustomConfiguration><pulse-schema><isSingleSignOnCredential>true</isSingleSignOnCredential></pulse-schema></CustomConfiguration>
<PluginPackageFamilyName>JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy</PluginPackageFamilyName>
</PluginProfile>
<AppTrigger> <AppTrigger>
<App> <App>
@ -283,10 +387,21 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</AppTrigger> </AppTrigger>
<AppTrigger> <AppTrigger>
<App> <App>
<Id>C:\windows\system32\ping.exe</Id> <Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id>
</App> </App>
</AppTrigger> </AppTrigger>
<DomainNameInformation>
<DomainName>corp.contoso.com</DomainName>
<DnsServers>1.2.3.4,5.6.7.8</DnsServers>
<WebProxyServers>5.5.5.5</WebProxyServers>
<AutoTrigger>false</AutoTrigger>
</DomainNameInformation>
<DomainNameInformation>
<DomainName>corp.contoso.com</DomainName>
<DnsServers>10.10.10.10,20.20.20.20</DnsServers>
<WebProxyServers>100.100.100.100</WebProxyServers>
</DomainNameInformation>
<TrafficFilter> <TrafficFilter>
<App> <App>
@ -296,7 +411,7 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
<LocalPortRanges>10,20-50,100-200</LocalPortRanges> <LocalPortRanges>10,20-50,100-200</LocalPortRanges>
<RemotePortRanges>20-50,100-200,300</RemotePortRanges> <RemotePortRanges>20-50,100-200,300</RemotePortRanges>
<RemoteAddressRanges>30.30.0.0/16,10.10.10.10-20.20.20.20</RemoteAddressRanges> <RemoteAddressRanges>30.30.0.0/16,10.10.10.10-20.20.20.20</RemoteAddressRanges>
<RoutingPolicyType>ForceTunnel</RoutingPolicyType> <!--<RoutingPolicyType>ForceTunnel</RoutingPolicyType>-->
</TrafficFilter> </TrafficFilter>
<TrafficFilter> <TrafficFilter>
<App> <App>
@ -304,135 +419,21 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</App> </App>
<LocalAddressRanges>3.3.3.3/32,1.1.1.1-2.2.2.2</LocalAddressRanges> <LocalAddressRanges>3.3.3.3/32,1.1.1.1-2.2.2.2</LocalAddressRanges>
</TrafficFilter> </TrafficFilter>
<TrafficFilter>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
<Claims>O:SYG:SYD:(A;;CC;;;AU)</Claims>
<!--<RoutingPolicyType>SplitTunnel</RoutingPolicyType>-->
</TrafficFilter>
<Route>
<DomainNameInformation> <Address>192.168.0.0</Address>
<DomainName>hrsite.corporate.contoso.com</DomainName> <PrefixSize>24</PrefixSize>
<DnsServers>1.2.3.4,5.6.7.8</DnsServers> </Route>
<WebProxyServers>5.5.5.5</WebProxyServers> <Route>
<AutoTrigger>true</AutoTrigger> <Address>10.10.0.0</Address>
</DomainNameInformation> <PrefixSize>16</PrefixSize>
<DomainNameInformation> </Route>
<DomainName>.corp.contoso.com</DomainName>
<DnsServers>10.10.10.10,20.20.20.20</DnsServers>
<WebProxyServers>100.100.100.100</WebProxyServers>
</DomainNameInformation>
<EdpModeId>corp.contoso.com</EdpModeId>
<RememberCredentials>true</RememberCredentials>
<AlwaysOn>false</AlwaysOn>
<DnsSuffix>corp.contoso.com</DnsSuffix>
<TrustedNetworkDetection>contoso.com</TrustedNetworkDetection>
<Proxy>
<Manual>
<Server>HelloServer</Server>
</Manual>
<AutoConfigUrl>Helloworld.Com</AutoConfigUrl>
</Proxy>
<DeviceCompliance>
<Enabled>true</Enabled>
<Sso>
<Enabled>true</Enabled>
<Eku>This is my Eku</Eku>
<IssuerHash>This is my issuer hash</IssuerHash>
</Sso>
</DeviceCompliance>
</VPNProfile> </VPNProfile>
``` ```
## Plug-in profile example
```xml
<VPNProfile>
<PluginProfile>
<ServerUrlList>testserver1.contoso.com;testserver2.contoso..com</ServerUrlList>
<PluginPackageFamilyName>JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy</PluginPackageFamilyName>
<CustomConfiguration><pulse-schema><isSingleSignOnCredential>true</isSingleSignOnCredential></pulse-schema></CustomConfiguration>
</PluginProfile>
<Route>
<Address>192.168.0.0</Address>
<PrefixSize>24</PrefixSize>
</Route>
<Route>
<Address>10.10.0.0</Address>
<PrefixSize>16</PrefixSize>
</Route>
<AppTrigger>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
</AppTrigger>
<AppTrigger>
<App>
<Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id>
</App>
</AppTrigger>
<TrafficFilter>
<App>
<Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id>
</App>
<Protocol>6</Protocol>
<LocalPortRanges>10,20-50,100-200</LocalPortRanges>
<RemotePortRanges>20-50,100-200,300</RemotePortRanges>
<RemoteAddressRanges>30.30.0.0/16,10.10.10.10-20.20.20.20</RemoteAddressRanges>
<!--<RoutingPolicyType>ForceTunnel</RoutingPolicyType>-->
</TrafficFilter>
<TrafficFilter>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
<LocalAddressRanges>3.3.3.3/32,1.1.1.1-2.2.2.2</LocalAddressRanges>
</TrafficFilter>
<TrafficFilter>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
<Claims>O:SYG:SYD:(A;;CC;;;AU)</Claims>
<!--<RoutingPolicyType>SplitTunnel</RoutingPolicyType>-->
</TrafficFilter>
<DomainNameInformation>
<DomainName>corp.contoso.com</DomainName>
<DnsServers>1.2.3.4,5.6.7.8</DnsServers>
<WebProxyServers>5.5.5.5</WebProxyServers>
<AutoTrigger>false</AutoTrigger>
</DomainNameInformation>
<DomainNameInformation>
<DomainName>corp.contoso.com</DomainName>
<DnsServers>10.10.10.10,20.20.20.20</DnsServers>
<WebProxyServers>100.100.100.100</WebProxyServers>
</DomainNameInformation>
<!--<EdpModeId>corp.contoso.com</EdpModeId>-->
<RememberCredentials>true</RememberCredentials>
<AlwaysOn>false</AlwaysOn>
<DeviceTunnel>false</DeviceTunnel>
<RegisterDNS>false</RegisterDNS>
<DnsSuffix>corp.contoso.com</DnsSuffix>
<TrustedNetworkDetection>contoso.com,test.corp.contoso.com</TrustedNetworkDetection>
<Proxy>
<Manual>
<Server>HelloServer</Server>
</Manual>
<AutoConfigUrl>Helloworld.Com</AutoConfigUrl>
</Proxy>
<APNBinding>
<ProviderId></ProviderId>
<AccessPointName></AccessPointName>
<UserName></UserName>
<Password></Password>
<IsCompressionEnabled></IsCompressionEnabled>
<AuthenticationType></AuthenticationType>
</APNBinding>
</VPNProfile>
```