Windows Docker image with authnetication

Product: PowerShell Universal
Version: 5.2.2

Hi,

I am trying to set up a Windows docker container image with gMSA authentication to authenticate with resources in the domain. It looks like somehow this feature is missing from ironmansoftware/universal:5.2.2-lts-windowsservercore-ltsc2022

With native windows image it works well: Microsoft Artifact Registry

Does someone have experience with setting Windows container images with gMSA and PSU?

I am using this flag --security-opt “credentialspec=file://gmsa.json”

Thanks!

I don’t have experience with this but would like to point out we are using this as the base image for that container:

ARG fromTag=lts-windowsservercore-ltsc2022
ARG WindowsServerRepo=mcr.microsoft.com/powershell

Not sure if that helps narrow it down. Here’s actually the whole dockerfile. If we need to add or adjust something in the container build, feel free to open an issue on our GitHub repo.

# escape=`
ARG fromTag=lts-windowsservercore-ltsc2022
ARG WindowsServerRepo=mcr.microsoft.com/powershell

# As this is a multi-stage build, this stage will eventually be thrown away
FROM ${WindowsServerRepo}:${fromTag} AS installer-env

ARG VERSION=1.3.1
ARG PACKAGE_URL=https://imsreleases.blob.core.windows.net/universal/production/${VERSION}/Universal.win-x64.${VERSION}.zip

SHELL ["C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "-command"]

RUN $url = $env:PACKAGE_URL; `
    Write-host "downloading: $url"; `
    [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12; `
    Invoke-WebRequest -Uri $url -outfile /universal.zip -verbose ; `
    Expand-Archive universal.zip -DestinationPath .\Universal;

FROM ${WindowsServerRepo}:${fromTag}

# Copy PowerShell Core from the installer container
ENV ProgramData="C:\ProgramData" 

# Copy PowerShell Core from the installer container
COPY --from=installer-env ["\\Universal\\", "$ProgramData\\Universal"]

# Set the path
RUN setx /M PATH "%ProgramData%\Universal;%PATH%;"

EXPOSE 5000
ENTRYPOINT ["C:/ProgramData/Universal/Universal.Server.exe"]

1 Like