document preconfiguring a VPN server in the app

[ghost]

It would be nice to be able to already configure the server the users have to use when launching the eduVPN/Let's Connect! app. This is possible. From mail:

You can set the following XML in the configuration file in C:\Program Files\Let's Connect!\Core\LetsConnect.Client.exe.config

(Under: / ):

         <setting name="OwnServers" serializeAs="Xml">
             <value>
                 <UriList>
                     <Uri AbsoluteUri="https://vpn.tuxed.net/" />
                 </UriList>
             </value>
         </setting>

In the example I'm using vpn.tuxed.net server.

This will have it preconfigure vpn.tuxed.net as a server. When the user clicks the server name the authorization (+authentication) is started. I think a similar option is there for selecting the (default) profile, but I did not test this part:

         <setting name="LastSelectedProfile" serializeAs="Xml">
             <value>
                 <SerializableStringDictionary>
                     <DictionaryEntry Key="https://vpn.tuxed.net/" Value="default" />
                 </SerializableStringDictionary>
             </value>
         </setting>

Other options can be found by using the client, configuring it, then closing it (properly) and check the folder: C:\Users\fkooman\AppData\Local\SURF\LetsConnect.Client.exe_Url_g40eoimprufrh03t0wddo3hb0b1xpr13\2.0.7837.18873 for the file user.config. I'm sure the random part of the folder is different for everyone, but I am not sure...

[ghost]

It seemed to work, if I am adding this into this directory,

C:\%LOCALAPPDATA%\SURF\EduVPN.Client.exe_Url_RANDOM-STRING\2.0.7837.18873\user.conf

with

<setting name="InstituteAccessServers" serializeAs="Xml“>
             <value>
                 <UriList>
                     <Uri AbsoluteUri="https://VPN.EXAMPLE.ORG/" />
                 </UriList>
             </value>
         </setting>

but not in the file

C:\Program Files\Let's Connect!\Core\eduVPN.Client.exe.config

in the / ) Section

Any Idea would be very helpful.

[rozmansi]

Other options can be found by using the client, configuring it, then closing it (properly) and check the folder: C:\Users\fkooman\AppData\Local\SURF\LetsConnect.Client.exe_Url_g40eoimprufrh03t0wddo3hb0b1xpr13\2.0.7837.18873 for the file user.config. I'm sure the random part of the folder is different for everyone, but I am not sure...

The random part of the folder is calculated from the eduVPN.Client.exe path. I get the same on all computers (even tha same as you have) as long as the binary is always installed in C:\Program Files\Let's Connect!\Core\LetsConnect.Client.exe. It allows side-by-side installations on the same computer. Unfortunately, this was also the main drawback, I couldn't simplify file paths and component GUIDs on v1 => v2: this random part of the folder changed, detached v1 and v2 settings preventing seamless migration.

[rozmansi]

It seemed to work, if I am adding this into this directory,

C:%LOCALAPPDATA%\SURF\EduVPN.Client.exe_Url_RANDOM-STRING\2.0.7837.18873\user.conf

with

<setting name="InstituteAccessServers" serializeAs="Xml“>
             <value>
                 <UriList>
                     <Uri AbsoluteUri="https://VPN.EXAMPLE.ORG/" />
                 </UriList>
             </value>
         </setting>

I would suggest against this approach, as the path name is chaotic: the dreaded random part of the folder, the subfolder with the version name and what not. A very moving target to hit.

but not in the file

C:\Program Files\Let's Connect!\Core\eduVPN.Client.exe.config

in the / ) Section

I have tested and making eduVPN.Client.exe.config like this preconfigures the server list appropriately. However, you might not experience it, as you must delete the %LOCALAPPDATA%\SURF\eduVPN.Client.exe_Url_n1errwppeaj4ibldowcknqsllm1gkljy folder first.

Mind that the <eduVPN.Properties.Settings> in the eduVPN.Client.exe.config file represent one-shot default values only. On the initial client start, they are cloned to %LOCALAPPDATA%\SURF\eduVPN.Client.exe_Url_n1errwppeaj4ibldowcknqsllm1gkljy and used from there thereafter.

Which makes this approach semi useless: what if an organization changes the server name later, or adds another server?

If this is important, we could make this a proper feature: Add support for HKLM\Software\SURF\eduVPN registry values to configure preset servers and preselected Secure Internet organization. The preset servers would always be displayed on top of the list and cannot be forgotten by the user. If Secure Internet organization is preselected, it also cannot be forgotten. User might still add other organization servers, change Secure Internet server, or add own servers.

But, why do we have the discovery then? Ahh, preconfiguring the client to make it organization-specific is probably not viable on Google Play and Apple App Store.

[ghost]

As discussed, only relevant for managed devices where the organization provides the devices to the user, not when the user installs the client themselves:

• A registry key would be used to preset the VPN server(s), the user would not be allowed to add additional ones;
• Possibly a registry key to disable "Secure Internet" (or to preset the organization as well).