Excessive TAP-Windows Adapter V9 Cleanup
I had an issue recently where the client machine could not connect to any network resources. We noticed that the user had many TAP-Windows Adapters for VPN (OpenVPN). Some research suggests it occurs due to Microsoft products activating against a KMS server.
Anyway, I have created a simple vbs (wsh) script which removes the excess devices in a safely manner. All you might need to change is the location of tapinstall.exe as it might be deployed with your VPN application.
I have actually deployed the script by placing it in the netlogon share and using a GPO to create a scheduled task which executes the script on a weekly basis. I used a WMI filter and only targeted laptops.
Anyway, I have created a simple vbs (wsh) script which removes the excess devices in a safely manner. All you might need to change is the location of tapinstall.exe as it might be deployed with your VPN application.
I have actually deployed the script by placing it in the netlogon share and using a GPO to create a scheduled task which executes the script on a weekly basis. I used a WMI filter and only targeted laptops.
Here is the script. Its not perfect, but I think it does a good job.
Dim Shell,path,tempPath,tapInstPath32,tapInstPath64,objFSO
Set Shell = CreateObject ("Wscript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
strComputer = "."
count = 0
tapInstPath32 = "c:\program files\securePoint SSL VPN\bin\tapinstall.exe"
tapInstPath64 = "c:\program files (x86)\securePoint SSL VPN\bin\tapinstall.exe"
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set TapDriver = objWMIService.ExecQuery("Select * from Win32_PnPSignedDriver")
Set OSType = objWMIService.ExecQuery("Select * from Win32_OperatingSystem", , 48)
'Identify whether OS is x64 or x32 and change file path variable accordindly.
For Each OSTypeItem In OSType
If OSTypeItem.OSArchitecture = "64-bit" Then
path = tapInstPath64
Else '32-bit
path = tapInstPath32
End If
Next
'Check if tapinstall.exe exists and exit if does not
If not objFSO.FileExists(path) Then
Shell.LogEvent 0, "VPNTapDeviceCleanup.vbs: path not found for tapinstall.exe executable - " & testpath & " Script quitting...."
wscript.quit
End If
'Find TAP Network Devices
For Each TapDriverItem in TapDriver
If inStr(TapDriverItem.DeviceName, "TAP-Windows Adapter V9") Then
Count = count + 1
'View deletion of drivers when cleanup occurs. Disabled.
'tempPath = chr(34) & "c:\Windows\System32\cmd.exe" & chr(34) & "/k " & chr(34) & path & chr(34)
tempPath = chr(34) & path & chr(34)
'Wscript.Echo "Device Name: " & TapDriverItem.DeviceName
'Wscript.Echo "Device ID: " & TapDriverItem.DeviceID
'Remove excess TAP drivers, preserving the first detected device
If Count > 1 Then
'Wscript.Echo "Device ID: " & TapDriverItem.DeviceID
TempPath = TempPath & " remove @" & TapDriverItem.DeviceID
Shell.Run TempPath
End If
End if
Next
'Write Windows Event Log under application and source of WSH for script success activity
If Count > 1 Then
Count = Count -1
Shell.LogEvent 0, "VPNTapDeviceCleanup.vbs: Total excess TAP-Windows Adapter V9 Devices Removed: " & Count
Else
Shell.LogEvent 0, "VPNTapDeviceCleanup.vbs: No VPN TAP devices removed due to their being no excess"
End If
I accept no responsibly for my script above, and suggest you test in a lab environment before bringing into production.
Comments
Post a Comment