Windows-Containers
Windows-Containers copied to clipboard
Is it possible to create another user with the same permissions as containeruser
We follow the recommended approach for creating new users in our Dockerfile. When we create and link a gMSA with newly created containers, we are observing that running processes as our custom user fails to authenticate with SQL Server, but when the same process is ran as containeruser
or NT Authority\NetworkService
it's able to authenticate with SQL Server. We unfortunately cannot find any Dockerfile references showing how containeruser
and containeradminstrator
accounts are created so that we duplicate the same process. We had a few questions hoping someone else knows the answer:
- Can we create new local users that have the same permission as
containeruser
? - Our understanding is that there is a
User manager
virtual active directory and those users are part of that domain. How do we connect with that virtual AD and do we need to add our local user to that AD for this to work? - If it's not possible to create a user with the same permissions, can we rename
containeruser
to our custom user? We tried usingwmic useraccount
butcontaineruser
was not found. - What type of permission can we give our custom user to do this one operation?
cc: @ebroberson