Is it possible to add Active Directory to a Windows container?

2

At my company, we are currently developing a product that will eventually support authentication via OpenLDAP and Active Directory. We have set up a Windows Server 2016 and would like to create an isolated environment using Windows containers to test our application.

Unfortunately, I'm hitting a wall when it comes to installing/enabling the AD feature in the container. The error I'm getting is:

Add-WindowsFeature : The request to add or remove features on the specified server failed.
The operation cannot be completed, because the server that you specified requires a restart.
At line:1 char:1
+ Add-WindowsFeature AD-Domain-Services
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : DeviceError: (@{Vhd=; Credent...Name=localhost}:PSObject) [Install-WindowsFeature], Exception
+ FullyQualifiedErrorId : DISMAPI_Error__Failed_Reboot_Required,Microsoft.Windows.ServerManager.Commands.AddWindowsFeatureCommand

Am I missing something, or is this simply not working?

This is my Dockerfile

FROM microsoft/windowsservercore

RUN powershell Get-WindowsFeature
RUN powershell -Command Add-WindowsFeature AD-Domain-Services 

Full build log:

PS C:\windows-ad> docker build --no-cache -t win-test .
Sending build context to Docker daemon   2.56kB
Step 1/3 : FROM microsoft/windowsservercore
 ---> be84290c2315
Step 2/3 : RUN powershell Get-WindowsFeature
 ---> Running in 5e5f83bb2c86

Display Name                                            Name
------------                                            ----
[ ] Active Directory Certificate Services               AD-Certificate
    [ ] Certification Authority                         ADCS-Cert-Authority
    [ ] Certificate Enrollment Policy Web Service       ADCS-Enroll-Web-Pol
    [ ] Certificate Enrollment Web Service              ADCS-Enroll-Web-Svc
    [ ] Certification Authority Web Enrollment          ADCS-Web-Enrollment
    [ ] Network Device Enrollment Service               ADCS-Device-Enrollment
    [ ] Online Responder                                ADCS-Online-Cert
[ ] Active Directory Domain Services                    AD-Domain-Services
[ ] Active Directory Federation Services                ADFS-Federation
[ ] Active Directory Lightweight Directory Services     ADLDS
[ ] Active Directory Rights Management Services         ADRMS
    [ ] Active Directory Rights Management Server       ADRMS-Server
    [ ] Identity Federation Support                     ADRMS-Identity
[ ] Device Health Attestation                           DeviceHealthAttestat...
[ ] DHCP Server                                         DHCP
[ ] DNS Server                                          DNS
[X] File and Storage Services                           FileAndStorage-Services
    [ ] File and iSCSI Services                         File-Services
        [ ] File Server                                 FS-FileServer
        [ ] BranchCache for Network Files               FS-BranchCache
        [ ] Data Deduplication                          FS-Data-Deduplication
        [ ] DFS Namespaces                              FS-DFS-Namespace
        [ ] DFS Replication                             FS-DFS-Replication
        [ ] File Server Resource Manager                FS-Resource-Manager
        [ ] File Server VSS Agent Service               FS-VSS-Agent
        [ ] iSCSI Target Server                         FS-iSCSITarget-Server
        [ ] iSCSI Target Storage Provider (VDS and V... iSCSITarget-VSS-VDS
        [ ] Server for NFS                              FS-NFS-Service
        [ ] Work Folders                                FS-SyncShareService
    [X] Storage Services                                Storage-Services
[ ] Host Guardian Service                               HostGuardianServiceRole
[ ] Hyper-V                                             Hyper-V
[ ] Network Controller                                  NetworkController
[ ] Print and Document Services                         Print-Services
    [ ] Print Server                                    Print-Server
    [ ] LPD Service                                     Print-LPD-Service
[ ] Remote Access                                       RemoteAccess
    [ ] DirectAccess and VPN (RAS)                      DirectAccess-VPN
    [ ] Routing                                         Routing
    [ ] Web Application Proxy                           Web-Application-Proxy
[ ] Remote Desktop Services                             Remote-Desktop-Services
    [ ] Remote Desktop Connection Broker                RDS-Connection-Broker
    [ ] Remote Desktop Licensing                        RDS-Licensing
    [ ] Remote Desktop Virtualization Host              RDS-Virtualization
[ ] Volume Activation Services                          VolumeActivation
[ ] Web Server (IIS)                                    Web-Server
    [ ] Web Server                                      Web-WebServer
        [ ] Common HTTP Features                        Web-Common-Http
            [ ] Default Document                        Web-Default-Doc
            [ ] Directory Browsing                      Web-Dir-Browsing
            [ ] HTTP Errors                             Web-Http-Errors
            [ ] Static Content                          Web-Static-Content
            [ ] HTTP Redirection                        Web-Http-Redirect
            [ ] WebDAV Publishing                       Web-DAV-Publishing
        [ ] Health and Diagnostics                      Web-Health
            [ ] HTTP Logging                            Web-Http-Logging
            [ ] Custom Logging                          Web-Custom-Logging
            [ ] Logging Tools                           Web-Log-Libraries
            [ ] ODBC Logging                            Web-ODBC-Logging
            [ ] Request Monitor                         Web-Request-Monitor
            [ ] Tracing                                 Web-Http-Tracing
        [ ] Performance                                 Web-Performance
            [ ] Static Content Compression              Web-Stat-Compression
            [ ] Dynamic Content Compression             Web-Dyn-Compression
        [ ] Security                                    Web-Security
            [ ] Request Filtering                       Web-Filtering
            [ ] Basic Authentication                    Web-Basic-Auth
            [ ] Centralized SSL Certificate Support     Web-CertProvider
            [ ] Client Certificate Mapping Authentic... Web-Client-Auth
            [ ] Digest Authentication                   Web-Digest-Auth
            [ ] IIS Client Certificate Mapping Authe... Web-Cert-Auth
            [ ] IP and Domain Restrictions              Web-IP-Security
            [ ] URL Authorization                       Web-Url-Auth
            [ ] Windows Authentication                  Web-Windows-Auth
        [ ] Application Development                     Web-App-Dev
            [ ] .NET Extensibility 3.5                  Web-Net-Ext
            [ ] .NET Extensibility 4.6                  Web-Net-Ext45
            [ ] Application Initialization              Web-AppInit
            [ ] ASP                                     Web-ASP
            [ ] ASP.NET 3.5                             Web-Asp-Net
            [ ] ASP.NET 4.6                             Web-Asp-Net45
            [ ] CGI                                     Web-CGI
            [ ] ISAPI Extensions                        Web-ISAPI-Ext
            [ ] ISAPI Filters                           Web-ISAPI-Filter
            [ ] Server Side Includes                    Web-Includes
            [ ] WebSocket Protocol                      Web-WebSockets
    [ ] FTP Server                                      Web-Ftp-Server
        [ ] FTP Service                                 Web-Ftp-Service
        [ ] FTP Extensibility                           Web-Ftp-Ext
    [ ] Management Tools                                Web-Mgmt-Tools
        [ ] IIS 6 Management Compatibility              Web-Mgmt-Compat
            [ ] IIS 6 Metabase Compatibility            Web-Metabase
            [ ] IIS 6 Scripting Tools                   Web-Lgcy-Scripting
            [ ] IIS 6 WMI Compatibility                 Web-WMI
        [ ] IIS Management Scripts and Tools            Web-Scripting-Tools
        [ ] Management Service                          Web-Mgmt-Service
[ ] Windows Server Essentials Experience                ServerEssentialsRole
[ ] Windows Server Update Services                      UpdateServices
    [ ] WID Connectivity                                UpdateServices-WidDB
    [ ] WSUS Services                                   UpdateServices-Services
    [ ] SQL Server Connectivity                         UpdateServices-DB
[ ] .NET Framework 3.5 Features                         NET-Framework-Features
    [ ] .NET Framework 3.5 (includes .NET 2.0 and 3.0)  NET-Framework-Core
    [ ] HTTP Activation                                 NET-HTTP-Activation
    [ ] Non-HTTP Activation                             NET-Non-HTTP-Activ
[X] .NET Framework 4.6 Features                         NET-Framework-45-Fea...
    [X] .NET Framework 4.6                              NET-Framework-45-Core
    [ ] ASP.NET 4.6                                     NET-Framework-45-ASPNET
    [X] WCF Services                                    NET-WCF-Services45
        [ ] HTTP Activation                             NET-WCF-HTTP-Activat...
        [ ] Message Queuing (MSMQ) Activation           NET-WCF-MSMQ-Activat...
        [ ] Named Pipe Activation                       NET-WCF-Pipe-Activat...
        [ ] TCP Activation                              NET-WCF-TCP-Activati...
        [X] TCP Port Sharing                            NET-WCF-TCP-PortShar...
[ ] Background Intelligent Transfer Service (BITS)      BITS
    [ ] Compact Server                                  BITS-Compact-Server
[ ] BitLocker Drive Encryption                          BitLocker
[ ] BranchCache                                         BranchCache
[ ] Client for NFS                                      NFS-Client
[ ] Containers                                          Containers
[ ] Data Center Bridging                                Data-Center-Bridging
[ ] Enhanced Storage                                    EnhancedStorage
[ ] Failover Clustering                                 Failover-Clustering
[ ] Group Policy Management                             GPMC
[ ] Host Guardian Hyper-V Support                       HostGuardian
[ ] I/O Quality of Service                              DiskIo-QoS
[ ] IIS Hostable Web Core                               Web-WHC
[ ] IP Address Management (IPAM) Server                 IPAM
[ ] iSNS Server service                                 ISNS
[ ] Management OData IIS Extension                      ManagementOdata
[ ] Media Foundation                                    Server-Media-Foundation
[ ] Message Queuing                                     MSMQ
    [ ] Message Queuing Services                        MSMQ-Services
        [ ] Message Queuing Server                      MSMQ-Server
        [ ] Directory Service Integration               MSMQ-Directory
        [ ] HTTP Support                                MSMQ-HTTP-Support
        [ ] Message Queuing Triggers                    MSMQ-Triggers
        [ ] Routing Service                             MSMQ-Routing
    [ ] Message Queuing DCOM Proxy                      MSMQ-DCOM
[ ] Multipath I/O                                       Multipath-IO
[ ] MultiPoint Connector                                MultiPoint-Connector
    [ ] MultiPoint Connector Services                   MultiPoint-Connector...
    [ ] MultiPoint Manager and MultiPoint Dashboard     MultiPoint-Tools
[ ] Network Load Balancing                              NLB
[ ] Peer Name Resolution Protocol                       PNRP
[ ] Quality Windows Audio Video Experience              qWave
[ ] Remote Differential Compression                     RDC
[ ] Remote Server Administration Tools                  RSAT
    [ ] Feature Administration Tools                    RSAT-Feature-Tools
        [ ] BitLocker Drive Encryption Administratio... RSAT-Feature-Tools-B...
        [ ] DataCenterBridging LLDP Tools               RSAT-DataCenterBridg...
        [ ] Failover Clustering Tools                   RSAT-Clustering
            [ ] Failover Cluster Module for Windows ... RSAT-Clustering-Powe...
            [ ] Failover Cluster Automation Server      RSAT-Clustering-Auto...
            [ ] Failover Cluster Command Interface      RSAT-Clustering-CmdI...
        [ ] IP Address Management (IPAM) Client         IPAM-Client-Feature
        [ ] Shielded VM Tools                           RSAT-Shielded-VM-Tools
        [ ] Storage Replica Module for Windows Power... RSAT-Storage-Replica
    [ ] Role Administration Tools                       RSAT-Role-Tools
        [ ] AD DS and AD LDS Tools                      RSAT-AD-Tools
            [ ] Active Directory module for Windows ... RSAT-AD-PowerShell
            [ ] AD DS Tools                             RSAT-ADDS
                [ ] Active Directory Administrative ... RSAT-AD-AdminCenter
                [ ] AD DS Snap-Ins and Command-Line ... RSAT-ADDS-Tools
            [ ] AD LDS Snap-Ins and Command-Line Tools  RSAT-ADLDS
        [ ] Hyper-V Management Tools                    RSAT-Hyper-V-Tools
            [ ] Hyper-V Module for Windows PowerShell   Hyper-V-PowerShell
        [ ] Windows Server Update Services Tools        UpdateServices-RSAT
            [ ] API and PowerShell cmdlets              UpdateServices-API
        [ ] DHCP Server Tools                           RSAT-DHCP
        [ ] DNS Server Tools                            RSAT-DNS-Server
        [ ] Network Controller Management Tools         RSAT-NetworkController
        [ ] Remote Access Management Tools              RSAT-RemoteAccess
            [ ] Remote Access module for Windows Pow... RSAT-RemoteAccess-Po...
[ ] RPC over HTTP Proxy                                 RPC-over-HTTP-Proxy
[ ] Setup and Boot Event Collection                     Setup-and-Boot-Event...
[ ] Simple TCP/IP Services                              Simple-TCPIP
[X] SMB 1.0/CIFS File Sharing Support                   FS-SMB1
[ ] SMB Bandwidth Limit                                 FS-SMBBW
[ ] SNMP Service                                        SNMP-Service
    [ ] SNMP WMI Provider                               SNMP-WMI-Provider
[ ] Software Load Balancer                              SoftwareLoadBalancer
[ ] Storage Replica                                     Storage-Replica
[ ] Telnet Client                                       Telnet-Client
[ ] VM Shielding Tools for Fabric Management            FabricShieldedTools
[X] Windows Defender Features                           Windows-Defender-Fea...
    [X] Windows Defender                                Windows-Defender
[ ] Windows Internal Database                           Windows-Internal-Dat...
[X] Windows PowerShell                                  PowerShellRoot
    [X] Windows PowerShell 5.1                          PowerShell
    [ ] Windows PowerShell 2.0 Engine                   PowerShell-V2
    [ ] Windows PowerShell Desired State Configurati... DSC-Service
    [ ] Windows PowerShell Web Access                   WindowsPowerShellWeb...
[ ] Windows Process Activation Service                  WAS
    [ ] Process Model                                   WAS-Process-Model
    [ ] .NET Environment 3.5                            WAS-NET-Environment
    [ ] Configuration APIs                              WAS-Config-APIs
[ ] Windows Server Backup                               Windows-Server-Backup
[ ] Windows Server Migration Tools                      Migration
[ ] Windows Standards-Based Storage Management          WindowsStorageManage...
[ ] WinRM IIS Extension                                 WinRM-IIS-Ext
[ ] WINS Server                                         WINS
[X] WoW64 Support                                       WoW64-Support


 ---> b891a0f5b277
Removing intermediate container 5e5f83bb2c86
Step 3/3 : RUN powershell -Command Add-WindowsFeature AD-Domain-Services
 ---> Running in 22724bfb2ee4
Add-WindowsFeature : The request to add or remove features on the specified
server failed.
The operation cannot be completed, because the server that you specified
requires a restart.
At line:1 char:1
+ Add-WindowsFeature AD-Domain-Services
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : DeviceError: (@{Vhd=; Credent...Name=localhost}:
   PSObject) [Install-WindowsFeature], Exception
    + FullyQualifiedErrorId : DISMAPI_Error__Failed_Reboot_Required,Microsoft.
   Windows.ServerManager.Commands.AddWindowsFeatureCommand

Success Restart Needed Exit Code      Feature Result
------- -------------- ---------      --------------
False   No             Failed         {}


The command 'cmd /S /C powershell -Command Add-WindowsFeature AD-Domain-Services' returned a non-zero code: 1
    
by tftd 07.09.2017 / 01:39

1 answer

3

Windows Containers do not ship with Active Directory support and, due to their nature, cannot (yet) act as full domain-joined objects, but a certain level of Active Directory functionality can be supported through the use of Global Managed Service Accounts (gMSA).


    
by 08.09.2017 / 14:27
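
The gMSA approach the answer refers to, sketched as an added example (not code from the thread or from any project it mentions). It assumes an existing domain outside the container and a domain-joined container host; the domain `contoso.test`, the account `apptest` and the group `ContainerHosts` are assumed names.

```powershell
# Added example. Assumed names: domain contoso.test, gMSA "apptest",
# AD group "ContainerHosts" containing the container host computer accounts.

# --- On a domain controller (or a machine with RSAT-AD-PowerShell) ---
Import-Module ActiveDirectory

# A KDS root key must exist in the forest before any gMSA can be created.
if (-not (Get-KdsRootKey)) {
    # Lab-only shortcut: backdate the key so it is usable immediately.
    Add-KdsRootKey -EffectiveTime (Get-Date).AddHours(-10)
}

# Least privilege: only members of ContainerHosts may retrieve the password.
New-ADServiceAccount -Name 'apptest' `
    -DNSHostName 'apptest.contoso.test' `
    -PrincipalsAllowedToRetrieveManagedPassword 'ContainerHosts' `
    -ServicePrincipalNames 'host/apptest', 'host/apptest.contoso.test'

# --- On the domain-joined container host (a member of ContainerHosts) ---
Add-WindowsFeature RSAT-AD-PowerShell
Import-Module ActiveDirectory

# Confirm the host can actually use the account before involving Docker.
Install-ADServiceAccount -Identity 'apptest'
if (-not (Test-ADServiceAccount -Identity 'apptest')) {
    throw 'Host cannot retrieve the gMSA password; check group membership.'
}

# Generate the credential spec JSON in Docker's CredentialSpecs directory.
Install-Module CredentialSpec -Force
New-CredentialSpec -AccountName 'apptest'

# Look the file up instead of guessing the name the module chose.
$spec = Get-CredentialSpec | Where-Object { $_.Path -like '*apptest*' } |
    Select-Object -First 1
if (-not $spec) { throw 'No credential spec for apptest was found.' }
$specFile = Split-Path -Leaf $spec.Path

# The container itself is never domain-joined and no AD role is installed
# in the image; processes running as SYSTEM or Network Service inside it use
# the gMSA identity on the network. On Windows Server 2016 the container
# hostname has to match the gMSA name.
docker run --rm `
    --security-opt "credentialspec=file://$specFile" `
    --hostname apptest `
    microsoft/windowsservercore `
    nltest /parentdomain
```

If the final command prints the domain name, the container can reach the domain with the gMSA identity; the domain controller itself still has to run on a VM or physical host.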