Enable IIS Remote Management For Docker Container
Environment
- Host OS: Microsoft Windows Pro 10.0.19045
- Docker-Desktop installed and working. You may need to “Switch to Windows Container” for this to work.
PS C:\Users\azureuser> wsl --version
WSL version: 1.2.5.0
Kernel version: 5.15.90.1
WSLg version: 1.0.51
MSRDC version: 1.2.3770
Direct3D version: 1.608.2-61064218
DXCore version: 10.0.25131.1002-220531-1700.rs-onecore-base2-hyp
Windows version: 10.0.19045.3324- Windows Subsystem for Linux (WSL)
PS C:\Users\azureuser> docker --version
Docker version 24.0.5, build ced0996Steps
- Create Dockerfile
I am going to create a dedicated directory for this guide called “iisremote_test”.
Inside this directory create a file called “Dockerfile”.
PS C:\Users\azureuser\iisremote_test> ls
Directory: C:\Users\azureuser\iisremote_test
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 9/8/2023 7:35 PM 447 DockerfileDockerfile should have the following content:
FROM mcr.microsoft.com/windows/servercore/iis
SHELL [ "powershell" ]
#setup Remote IIS management
RUN Install-WindowsFeature Web-Mgmt-Service; \
New-ItemProperty -Path HKLM:\software\microsoft\WebManagement\Server -Name EnableRemoteManagement -Value 1 -Force; \
Set-Service -Name wmsvc -StartupType automatic;
#Add user for Remote IIS Manager Login
RUN net user iisadmin Password~1234 /ADD; \
net localgroup administrators iisadmin /add;Here cat command of my Dockerfile:
PS C:\Users\azureuser\iisremote_test> cat .\Dockerfile
FROM mcr.microsoft.com/windows/servercore/iis
SHELL [ "powershell" ]
#setup Remote IIS management
RUN Install-WindowsFeature Web-Mgmt-Service; \
New-ItemProperty -Path HKLM:\software\microsoft\WebManagement\Server -Name EnableRemoteManagement -Value 1 -Force; \
Set-Service -Name wmsvc -StartupType automatic;
#Add user for Remote IIS Manager Login
RUN net user iisadmin Password~1234 /ADD; \
net localgroup administrators iisadmin /add;In a nutshell:
- Pull base image.
- Install Remote Management feature.
- Set remote management service to start automatically.
- Creates a user and add it to “admin” group.
It is necessary to add account to admin group because only admins can do Server Connections in IIS.
2. Build the image
Inside root directory run:
docker build -t iisremote . This will use Dockerfile at current level to build image and it will name it as “iisremote”.
This may take a while.
Here is command:
PS C:\Users\azureuser\iisremote_test> docker build -t iisremote .
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM mcr.microsoft.com/windows/servercore/iis
latest: Pulling from windows/servercore/iis
010ca8045f7e: Pull complete
f51d6d863bdd: Pull complete
f28458290d79: Pull complete
68a7ade749ff: Pull complete
7bc6c1450cc0: Pull complete
Digest: sha256:7d23d0ca6bf9c99de41bf21f472079a65a927fc3f8b484f66329a484eb53ab06
Status: Downloaded newer image for mcr.microsoft.com/windows/servercore/iis:latest
---> 6c8a2af783f2
Step 2/4 : SHELL [ "powershell" ]
---> Running in 8006dc806f84
Removing intermediate container 8006dc806f84
---> 70ff63c30a9d
Step 3/4 : RUN Install-WindowsFeature Web-Mgmt-Service; New-ItemProperty -Path HKLM:\software\microsoft\WebManagement\Server -Name EnableRemoteManagement -Value 1 -Force; Set-Service -Name wmsvc -StartupType automatic;
---> Running in 828a84433bc1
Success Restart Needed Exit Code Feature Result
------- -------------- --------- --------------
True No Success {ASP.NET 4.6, Management Service, Mana...
EnableRemoteManagement : 1
PSPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE
\software\microsoft\WebManagement\Server
PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE
\software\microsoft\WebManagement
PSChildName : Server
PSDrive : HKLM
PSProvider : Microsoft.PowerShell.Core\Registry
Removing intermediate container 828a84433bc1
---> b38573c593f3
Step 4/4 : RUN net user iisadmin Password~1234 /ADD; net localgroup administrators iisadmin /add;
---> Running in 014a45eae1d0
The command completed successfully.
The command completed successfully.
Removing intermediate container 014a45eae1d0
---> f5ce8a998e42
Successfully built f5ce8a998e42
Successfully tagged iisremote:latest
What's Next?
View summary of image vulnerabilities and recommendations → docker scout quickviewAfter this you should be able to see image “iisremote” in your Docker-Desktop:
3. Run the container
Below command will create an instance(container) of image "iisremote” under the name of “remoteiis”.
docker run --name remoteiis -d iisremotePS C:\Users\azureuser\iisremote_test> docker run --name remoteiis -d iisremote
e843ee198de5ebaa875a15708d95baf5439f8565fdb51973c9b4f50c15dec1bcIf you go back to Docker-Desktop you should be able to see the container “remoteiis”:
4. Get IP Address of container (MUST BE RUNNING)
We need the actual IP so we can connect through our IIS in Host OS.
Run any of below commands to get IP Address:
<CONTAINER MUST BE RUNNING…>
docker inspect --format '{{.NetworkSettings.Networks.nat.IPAddress}}' <container>
docker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' <container>Here is my output:
PS C:\Users\azureuser\iisremote_test> docker inspect --format '{{.NetworkSettings.Networks.nat.IPAddress}}' remoteiis
172.20.61.159
PS C:\Users\azureuser\iisremote_test> docker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' remoteiis
172.20.61.159As a matter of fact, if you browse to that IP Address you will see the start page from IIS from container:
5. Connect with Remote Management through IIS Manager from Host OS
<CONTAINER MUST BE RUNNING…>
Open IIS Manager > File > Connect to a Server…
If you do not have that option you will need to download Remote Administration, install it, then close and open IIS Manager again and it should be there.
Download IIS Manager for Remote Administration 1.2 from Official Microsoft Download Center
Specify IP > Next
Provide credentials:
- username: iisadmin
- password: Password~1234
Prompt for certificate will appear, accept it.
Specify name you want to give to connection and that is it!
