问题描述
- Windows ServerCore 容器中的用户始终为manager\containeradministrator,无法切换为普通用户
问题原因
- UAC(User Account Control)服务没有包含在Windows ServerCore镜像中,所以无法使用内建的管理员用户
解决方案
- 可以在Dockerfile中创建普通用户,并赋予其管理员权限
FROM mcr.microsoft.com/windows/servercore:ltsc2016
RUN NET USER sp_farm /add
RUN NET LOCALGROUP Administrators /add sp_farm
USER sp_farm
SHELL ["powershell"]
RUN whoami
- 测试
PS C:\Users\Administrator\switchuser> docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
switchuser latest 90ecd9b64839 39 seconds ago 11.3GB
mcr.microsoft.com/windows/servercore ltsc2016 e9d0a8d2fc57 2 weeks ago 11.3GB
PS C:\Users\Administrator> docker run switchuser whoami
bd76e5fdc8e2\sp_farm
PS C:\Users\Administrator> docker run switchuser net user
User accounts for \\983E494312BA
-------------------------------------------------------------------------------
Administrator DefaultAccount Guest
sp_farm
The command completed successfully.
