Making Juniper Network Connect use Keychain

Jun 26, '13 07:30:00AM

Contributed by: Jeff E Mandel

Password managers are a good thing, as they encourage you to maintain strong passwords. Just the sort of thing you’d want if you were opening every port on every computer on your enterprise network. Unfortunately, Juniper doesn’t see it this way. This can be resolved with some crafty scripting.

First, we need a scripting addition called Usable Keychain Scripting. Download it and copy it to /Library/Scripting Additions. You'll need to type your password to do this.

Next, you need to be able to connect to your VPN, so connect once by hand, then disconnect. Network Connect should retain the address of your server (e.g. https://vpn.example.com).

Now create a password item for the server (https://vpn.example.com), and grant access to Usable Keychain Scripting. Or not, your call.

Now fire up the script. It will get the address of the server from Network Connect, get your username and password from Keychain Access, and log you in.

Modified from https://github.com/seanfisk/juniper-network-connect-vpn-applescript:

property appName : "Network Connect"

on main()
	tell application "Network Connect"
		if connected then
			sign out
			delay 5
			quit
		else
			tell application "System Events"
				-- Recover the address of the VPN server from Network Connect.
				set myAddress to value of combo box 1 of group 2 of tool bar 1 of ¬
					window appName of application process appName
				set ASTID to AppleScript's text item delimiters
				set AppleScript's text item delimiters to "://"
				-- Get just the server address (everything after the scheme)
				set vpnName to (text items 2 through -1 of myAddress) as text
				set AppleScript's text item delimiters to ASTID
			end tell
			tell application "Usable Keychain Scripting" to tell current keychain
				-- Recover the username and password from the login keychain
				set myPass to password of first internet password ¬
					whose name contains vpnName
				set myAccount to account of first internet password ¬
					whose name contains vpnName
			end tell
			connect to vpnName
			delay 5
			tell application "System Events"
				-- Enter the account name and password in the dialog box and click "Sign In"
				set value of text field 1 of group 7 of UI element 1 of scroll area 1 of ¬
					window appName of application process appName to myAccount
				set value of text field 1 of group 10 of UI element 1 of scroll area 1 of ¬
					window appName of application process appName to myPass
				click button "Sign In" of group 14 of UI element 1 of scroll area 1 of ¬
					window appName of application process appName
			end tell
			-- Could launch an application here if it's scriptable.
			return
		end if
	end tell
end main

main()
Lex adds: I haven't tested this one.
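
The script's "whose name contains vpnName" test is a substring match, and its "://" split keeps any port or path in the address, so the first matching keychain item is not necessarily the one for this server. As an added example (not part of the original hint or the seanfisk script), these shell functions reduce the address to a bare host name and look the item up by exact server with the macOS security tool; the function names and sample addresses are made up for illustration, and the lookup assumes the item's server field holds that host name.

```shell
#!/bin/sh
# Added example: exact-host keychain lookup for the VPN address.
# Function names and sample addresses are illustrative, not from the hint.

# Reduce an address such as "https://vpn.example.com:443/path" to its bare,
# lower-cased host name. Fails (status 1) on anything that is not a plain
# DNS name, so stray characters never reach the keychain query.
vpn_host() {
    rest=${1#*://}      # drop the scheme, if any
    rest=${rest%%/*}    # drop the path
    rest=${rest%%\?*}   # drop a query string
    rest=${rest##*@}    # drop userinfo
    rest=${rest%%:*}    # drop the port
    case $rest in
        '' | *[!A-Za-z0-9.-]* | .* | *. | -*) return 1 ;;
    esac
    printf '%s\n' "$rest" | tr '[:upper:]' '[:lower:]'
}

# Print the password of the internet-password item whose server field is
# exactly this host (-s), and nothing else (-w). macOS only.
vpn_password() {
    host=$(vpn_host "$1") || return 1
    security find-internet-password -s "$host" -w
}

# Print the account name stored on the same item, parsed from the
# attribute dump line that looks like:  "acct"<blob>="username"
vpn_account() {
    host=$(vpn_host "$1") || return 1
    security find-internet-password -s "$host" |
        awk -F'"' '$2 == "acct" { print $4 }'
}

# Constructed sample addresses: show what each one is reduced to.
for addr in 'https://vpn.example.com' 'https://VPN.Example.com:443/path' \
            'https://vpn.example.com;id'; do
    vpn_host "$addr" || echo "rejected: $addr"
done
```

From AppleScript, the same lookup can be reached with do shell script and quoted form of the address, which avoids the extra scripting application.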

Mac OS X Hints
http://hints.macworld.com/article.php?story=20130623135353765