GithubHelp home page GithubHelp logo

Comments (6)

Peco602 avatar Peco602 commented on June 3, 2024 1

Please checkout my new repository where I have published a WinRM Windows Docker image accessible via the PowerShell command Enter-PSSession.

from dockerfiles-windows.

rleap-m avatar rleap-m commented on June 3, 2024

Seems to me that is an unconventional way to work interactively with a running container. You would typically use docker exec -it command for an interactive session. That said, I gave it a try with the mcr.microsoft.com/windows/servercore/iis:latest image and from the container host I was able to verify connectivity from host-to-container over the default WinRM port:

PS C:\Users\Administrator> (docker container inspect cbe0be0147d1 | ConvertFrom-Json).NetworkSettings.Networks.nat.IPAddress
172.31.124.73
PS C:\Users\Administrator> Test-NetConnection -ComputerName 172.31.124.73 -Port 5985

ComputerName     : 172.31.124.73
RemoteAddress    : 172.31.124.73
RemotePort       : 5985
InterfaceAlias   : vEthernet (nat)
SourceAddress    : 172.31.112.1
TcpTestSucceeded : True

But when I try to enter a session:

PS C:\Users\Administrator> Enter-PSSession -ComputerName 172.31.124.73
Enter-PSSession : Connecting to remote server 172.31.124.73 failed with the following error message : The WinRM client cannot process
the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS
transport must be used or the destination machine must be added to the TrustedHosts configuration setting. Use winrm.cmd to configure
TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. You can get more information about that by
running the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ Enter-PSSession -ComputerName 172.31.124.73
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (172.31.124.73:String) [Enter-PSSession], PSRemotingTransportException
    + FullyQualifiedErrorId : CreateRemoteRunspaceFailed

And this error makes sense because the container is not domain-joined (nor is my test VM in this case). So the auth scheme is definitely not Kerberos and as far as using HTTPS as the transport - perhaps it could work, but WinRM inside the container has not been configured to allow it. Again, I'd recommend using docker exec if you need to interact with a running container.

from dockerfiles-windows.

Peco602 avatar Peco602 commented on June 3, 2024

You should try other authentication methods, such as Basic and NTLM, which are for not-domain joined machines.

I need to interact via Enter-PSSession and not via docker exec because I need to simulate a WinRM connection.

I tried to interact with the
winrm container available in this repository. The error I get is ACCESS DENIED.

from dockerfiles-windows.

rleap-m avatar rleap-m commented on June 3, 2024

Doesn't work (using any of the available authentication schemes) out-of-the-box. This post looks promising - maybe it can help you: https://tobiasfenster.io/container-to-container-winrm

from dockerfiles-windows.

Peco602 avatar Peco602 commented on June 3, 2024

It is the same link I found. I will give a look.

from dockerfiles-windows.

rleap-m avatar rleap-m commented on June 3, 2024

I was able to use the -ContainerId parameter (from the container host) to enter into a session. Probably not what you are after, but that did in fact work:

PS C:\Users\Administrator\Documents> hostname
EC2AMAZ-9I75KV2
PS C:\Users\Administrator\Documents> Enter-PSSession -ContainerId cbe0be0147d191136339d86b537189292b8eadb96915114473340ace213fca30
[cbe0be0147d1...]: PS C:\Users\ContainerUser\Documents> hostname
cbe0be0147d1
[cbe0be0147d1...]: PS C:\Users\ContainerUser\Documents> whoami
user manager\containeruser

from dockerfiles-windows.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.