deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Updated XSD based on examples and reformatted examples to pass XML validation

Browse Source
This commit is contained in:
Leo D'Arcy 2020-04-26 23:29:49 +01:00
parent d73a5e78e0
commit eae738d664
1 changed files with 205 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

409
windows/client-management/mdm/vpnv2-profile-xsd.md
View File

@ -2,7 +2,7 @@
title: ProfileXML XSD title: ProfileXML XSD
description: Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some profile examples. description: Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some profile examples.
ms.assetid: 2F32E14B-F9B9-4760-AE94-E57F1D4DFDB3 ms.assetid: 2F32E14B-F9B9-4760-AE94-E57F1D4DFDB3
ms.reviewer: ms.reviewer:
manager: dansimp manager: dansimp
ms.author: dansimp ms.author: dansimp
ms.topic: article ms.topic: article
@ -14,12 +14,10 @@ ms.date: 02/05/2018
# ProfileXML XSD # ProfileXML XSD
Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some profile examples. Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some profile examples.
## XSD for the VPN profile ## XSD for the VPN profile
```xml ```xml
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
@ -51,15 +49,15 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
<xs:element name="APNBinding" minOccurs="0" maxOccurs="1"> <xs:element name="APNBinding" minOccurs="0" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="ProviderId" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="ProviderId" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="AccessPointName" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="AccessPointName" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="UserName" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="UserName" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="Password" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="Password" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="IsCompressionEnabled" type="xs:boolean" minOccurs="0" maxOccurs="1"/> <xs:element name="IsCompressionEnabled" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="AuthenticationType" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="AuthenticationType" type="xs:string" minOccurs="0" maxOccurs="1"/>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
@ -89,7 +87,7 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
<xs:element name="AppTrigger" minOccurs="0" maxOccurs="1"> <xs:element name="AppTrigger" minOccurs="0" maxOccurs="unbounded">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="App" minOccurs="1" maxOccurs="1"> <xs:element name="App" minOccurs="1" maxOccurs="1">
@ -115,7 +113,13 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
<xs:element name="TrafficFilter" minOccurs="0" maxOccurs="unbounded"> <xs:element name="TrafficFilter" minOccurs="0" maxOccurs="unbounded">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:sequence>
<xs:element name="App" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="App" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="Id" type="xs:string" minOccurs="1" maxOccurs="1"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="Claims" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="Claims" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="Protocol" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="Protocol" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="LocalPortRanges" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="LocalPortRanges" type="xs:string" minOccurs="0" maxOccurs="1"/>
@ -148,23 +152,25 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</xs:element> </xs:element>
<xs:element name="Authentication" minOccurs="1" maxOccurs="1"> <xs:element name="Authentication" minOccurs="1" maxOccurs="1">
<xs:complexType> <xs:complexType>
<xs:sequence> <xs:choice>
<xs:element name="UserMethod" type="xs:string" minOccurs="0" maxOccurs="1" /> <xs:sequence>
<xs:element name="UserMethod" type="xs:string" minOccurs="0" maxOccurs="1" />
<xs:element name="Eap" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="Configuration" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element xmlns:q1="http://www.microsoft.com/provisioning/EapHostConfig" ref="q1:EapHostConfig" />
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:element name="MachineMethod" type="xs:string" minOccurs="0" maxOccurs="1" /> <xs:element name="MachineMethod" type="xs:string" minOccurs="0" maxOccurs="1" />
<xs:element name="Eap" minOccurs="1" maxOccurs="1"> </xs:choice>
<xs:complexType>
<xs:sequence>
<xs:element name="Configuration" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element xmlns:q1="http://www.microsoft.com/provisioning/EapHostConfig" ref="q1:EapHostConfig" />
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
</xs:sequence> </xs:sequence>
@ -175,6 +181,7 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
<xs:sequence> <xs:sequence>
<xs:element name="Address" type="xs:string" minOccurs="1" maxOccurs="1"/> <xs:element name="Address" type="xs:string" minOccurs="1" maxOccurs="1"/>
<xs:element name="PrefixSize" type="xs:unsignedByte" minOccurs="1" maxOccurs="1"/> <xs:element name="PrefixSize" type="xs:unsignedByte" minOccurs="1" maxOccurs="1"/>
<xs:element name="ExclusionRoute" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
</xs:sequence> </xs:sequence>
</xs:complexType> </xs:complexType>
</xs:element> </xs:element>
@ -186,17 +193,79 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
## Native profile example ## Native profile example
```xml
<VPNProfile>
<EdpModeId>corp.contoso.com</EdpModeId>
<RememberCredentials>true</RememberCredentials>
<AlwaysOn>false</AlwaysOn>
<DnsSuffix>corp.contoso.com</DnsSuffix>
<TrustedNetworkDetection>contoso.com</TrustedNetworkDetection>
``` <Proxy>
<VPNProfile> <AutoConfigUrl>Helloworld.Com</AutoConfigUrl>
<NativeProfile> <Manual>
<Servers>testServer.VPN.com</Servers> <Server>HelloServer</Server>
<NativeProtocolType>IKEv2</NativeProtocolType> </Manual>
<Authentication> </Proxy>
<UserMethod>Eap</UserMethod>
<MachineMethod>Eap</MachineMethod> <DeviceCompliance>
<Eap> <Enabled>true</Enabled>
<Configuration> <Sso>
<Enabled>true</Enabled>
<Eku>This is my Eku</Eku>
<IssuerHash>This is my issuer hash</IssuerHash>
</Sso>
</DeviceCompliance>
<AppTrigger>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
</AppTrigger>
<AppTrigger>
<App>
<Id>C:\windows\system32\ping.exe</Id>
</App>
</AppTrigger>
<DomainNameInformation>
<DomainName>hrsite.corporate.contoso.com</DomainName>
<DnsServers>1.2.3.4,5.6.7.8</DnsServers>
<WebProxyServers>5.5.5.5</WebProxyServers>
<AutoTrigger>true</AutoTrigger>
</DomainNameInformation>
<DomainNameInformation>
<DomainName>.corp.contoso.com</DomainName>
<DnsServers>10.10.10.10,20.20.20.20</DnsServers>
<WebProxyServers>100.100.100.100</WebProxyServers>
</DomainNameInformation>
<TrafficFilter>
<App>
<Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id>
</App>
<Protocol>6</Protocol>
<LocalPortRanges>10,20-50,100-200</LocalPortRanges>
<RemotePortRanges>20-50,100-200,300</RemotePortRanges>
<RemoteAddressRanges>30.30.0.0/16,10.10.10.10-20.20.20.20</RemoteAddressRanges>
<RoutingPolicyType>ForceTunnel</RoutingPolicyType>
</TrafficFilter>
<TrafficFilter>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
<LocalAddressRanges>3.3.3.3/32,1.1.1.1-2.2.2.2</LocalAddressRanges>
</TrafficFilter>
<NativeProfile>
<Servers>testServer.VPN.com</Servers>
<RoutingPolicyType>SplitTunnel</RoutingPolicyType>
<NativeProtocolType>IKEv2</NativeProtocolType>
<DisableClassBasedDefaultRoute>true</DisableClassBasedDefaultRoute>
<Authentication>
<UserMethod>Eap</UserMethod>
<Eap>
<Configuration>
<EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig"> <EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
<EapMethod> <EapMethod>
<Type xmlns="http://www.microsoft.com/provisioning/EapCommon">25</Type> <Type xmlns="http://www.microsoft.com/provisioning/EapCommon">25</Type>
@ -261,178 +330,110 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
</Config> </Config>
</EapHostConfig> </EapHostConfig>
</Configuration> </Configuration>
</Eap> </Eap>
</Authentication> </Authentication>
<RoutingPolicyType>SplitTunnel</RoutingPolicyType> </NativeProfile>
<DisableClassBasedDefaultRoute>true</DisableClassBasedDefaultRoute>
</NativeProfile> <Route>
<Address>192.168.0.0</Address>
<Route> <PrefixSize>24</PrefixSize>
<Address>192.168.0.0</Address> </Route>
<PrefixSize>24</PrefixSize> <Route>
</Route> <Address>10.10.0.0</Address>
<Route> <PrefixSize>16</PrefixSize>
<Address>10.10.0.0</Address> </Route>
<PrefixSize>16</PrefixSize> </VPNProfile>
</Route>
<AppTrigger>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
</AppTrigger>
<AppTrigger>
<App>
<Id>C:\windows\system32\ping.exe</Id>
</App>
</AppTrigger>
<TrafficFilter>
<App>
<Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id>
</App>
<Protocol>6</Protocol>
<LocalPortRanges>10,20-50,100-200</LocalPortRanges>
<RemotePortRanges>20-50,100-200,300</RemotePortRanges>
<RemoteAddressRanges>30.30.0.0/16,10.10.10.10-20.20.20.20</RemoteAddressRanges>
<RoutingPolicyType>ForceTunnel</RoutingPolicyType>
</TrafficFilter>
<TrafficFilter>
<App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App>
<LocalAddressRanges>3.3.3.3/32,1.1.1.1-2.2.2.2</LocalAddressRanges>
</TrafficFilter>
<DomainNameInformation>
<DomainName>hrsite.corporate.contoso.com</DomainName>
<DnsServers>1.2.3.4,5.6.7.8</DnsServers>
<WebProxyServers>5.5.5.5</WebProxyServers>
<AutoTrigger>true</AutoTrigger>
</DomainNameInformation>
<DomainNameInformation>
<DomainName>.corp.contoso.com</DomainName>
<DnsServers>10.10.10.10,20.20.20.20</DnsServers>
<WebProxyServers>100.100.100.100</WebProxyServers>
</DomainNameInformation>
<EdpModeId>corp.contoso.com</EdpModeId>
<RememberCredentials>true</RememberCredentials>
<AlwaysOn>false</AlwaysOn>
<DnsSuffix>corp.contoso.com</DnsSuffix>
<TrustedNetworkDetection>contoso.com</TrustedNetworkDetection>
<Proxy>
<Manual>
<Server>HelloServer</Server>
</Manual>
<AutoConfigUrl>Helloworld.Com</AutoConfigUrl>
</Proxy>
<DeviceCompliance>
<Enabled>true</Enabled>
<Sso>
<Enabled>true</Enabled>
<Eku>This is my Eku</Eku>
<IssuerHash>This is my issuer hash</IssuerHash>
</Sso>
</DeviceCompliance>
</VPNProfile>
``` ```
## Plug-in profile example ## Plug-in profile example
```xml ```xml
<VPNProfile> <VPNProfile>
<PluginProfile> <!--<EdpModeId>corp.contoso.com</EdpModeId>-->
<ServerUrlList>testserver1.contoso.com;testserver2.contoso..com</ServerUrlList> <RememberCredentials>true</RememberCredentials>
<PluginPackageFamilyName>JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy</PluginPackageFamilyName> <AlwaysOn>false</AlwaysOn>
<CustomConfiguration><pulse-schema><isSingleSignOnCredential>true</isSingleSignOnCredential></pulse-schema></CustomConfiguration> <DnsSuffix>corp.contoso.com</DnsSuffix>
</PluginProfile> <TrustedNetworkDetection>contoso.com,test.corp.contoso.com</TrustedNetworkDetection>
<Route> <DeviceTunnel>false</DeviceTunnel>
<Address>192.168.0.0</Address> <RegisterDNS>false</RegisterDNS>
<PrefixSize>24</PrefixSize>
</Route> <Proxy>
<Route> <AutoConfigUrl>Helloworld.Com</AutoConfigUrl>
<Address>10.10.0.0</Address> <Manual>
<PrefixSize>16</PrefixSize> <Server>HelloServer</Server>
</Route> </Manual>
<AppTrigger>
<App> </Proxy>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App> <APNBinding>
</AppTrigger> <ProviderId></ProviderId>
<AppTrigger> <AccessPointName></AccessPointName>
<App> <UserName></UserName>
<Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id> <Password></Password>
</App> <IsCompressionEnabled>true</IsCompressionEnabled>
</AppTrigger> <AuthenticationType></AuthenticationType>
<TrafficFilter> </APNBinding>
<App>
<Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id> <PluginProfile>
</App> <ServerUrlList>testserver1.contoso.com;testserver2.contoso..com</ServerUrlList>
<Protocol>6</Protocol> <CustomConfiguration><pulse-schema><isSingleSignOnCredential>true</isSingleSignOnCredential></pulse-schema></CustomConfiguration>
<LocalPortRanges>10,20-50,100-200</LocalPortRanges> <PluginPackageFamilyName>JuniperNetworks.JunosPulseVpn_cw5n1h2txyewy</PluginPackageFamilyName>
<RemotePortRanges>20-50,100-200,300</RemotePortRanges> </PluginProfile>
<RemoteAddressRanges>30.30.0.0/16,10.10.10.10-20.20.20.20</RemoteAddressRanges>
<!--<RoutingPolicyType>ForceTunnel</RoutingPolicyType>--> <AppTrigger>
</TrafficFilter> <App>
<TrafficFilter> <Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
<App> </App>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id> </AppTrigger>
</App> <AppTrigger>
<LocalAddressRanges>3.3.3.3/32,1.1.1.1-2.2.2.2</LocalAddressRanges> <App>
</TrafficFilter> <Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id>
<TrafficFilter> </App>
<App> </AppTrigger>
<Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</App> <DomainNameInformation>
<Claims>O:SYG:SYD:(A;;CC;;;AU)</Claims> <DomainName>corp.contoso.com</DomainName>
<!--<RoutingPolicyType>SplitTunnel</RoutingPolicyType>--> <DnsServers>1.2.3.4,5.6.7.8</DnsServers>
</TrafficFilter> <WebProxyServers>5.5.5.5</WebProxyServers>
<DomainNameInformation> <AutoTrigger>false</AutoTrigger>
<DomainName>corp.contoso.com</DomainName> </DomainNameInformation>
<DnsServers>1.2.3.4,5.6.7.8</DnsServers> <DomainNameInformation>
<WebProxyServers>5.5.5.5</WebProxyServers> <DomainName>corp.contoso.com</DomainName>
<AutoTrigger>false</AutoTrigger> <DnsServers>10.10.10.10,20.20.20.20</DnsServers>
</DomainNameInformation> <WebProxyServers>100.100.100.100</WebProxyServers>
<DomainNameInformation> </DomainNameInformation>
<DomainName>corp.contoso.com</DomainName>
<DnsServers>10.10.10.10,20.20.20.20</DnsServers> <TrafficFilter>
<WebProxyServers>100.100.100.100</WebProxyServers> <App>
</DomainNameInformation> <Id>%ProgramFiles%\Internet Explorer\iexplore.exe</Id>
<!--<EdpModeId>corp.contoso.com</EdpModeId>--> </App>
<RememberCredentials>true</RememberCredentials> <Protocol>6</Protocol>
<AlwaysOn>false</AlwaysOn> <LocalPortRanges>10,20-50,100-200</LocalPortRanges>
<DeviceTunnel>false</DeviceTunnel> <RemotePortRanges>20-50,100-200,300</RemotePortRanges>
<RegisterDNS>false</RegisterDNS> <RemoteAddressRanges>30.30.0.0/16,10.10.10.10-20.20.20.20</RemoteAddressRanges>
<DnsSuffix>corp.contoso.com</DnsSuffix> <!--<RoutingPolicyType>ForceTunnel</RoutingPolicyType>-->
<TrustedNetworkDetection>contoso.com,test.corp.contoso.com</TrustedNetworkDetection> </TrafficFilter>
<Proxy> <TrafficFilter>
<Manual> <App>
<Server>HelloServer</Server> <Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
</Manual> </App>
<AutoConfigUrl>Helloworld.Com</AutoConfigUrl> <LocalAddressRanges>3.3.3.3/32,1.1.1.1-2.2.2.2</LocalAddressRanges>
</Proxy> </TrafficFilter>
<APNBinding> <TrafficFilter>
<ProviderId></ProviderId> <App>
<AccessPointName></AccessPointName> <Id>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Id>
<UserName></UserName> </App>
<Password></Password> <Claims>O:SYG:SYD:(A;;CC;;;AU)</Claims>
<IsCompressionEnabled></IsCompressionEnabled> <!--<RoutingPolicyType>SplitTunnel</RoutingPolicyType>-->
<AuthenticationType></AuthenticationType> </TrafficFilter>
</APNBinding>
</VPNProfile> <Route>
<Address>192.168.0.0</Address>
<PrefixSize>24</PrefixSize>
</Route>
<Route>
<Address>10.10.0.0</Address>
<PrefixSize>16</PrefixSize>
</Route>
</VPNProfile>
``` ```