Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Plugin doesn't work if I don't logged in #1

Open
tupoybot opened this issue Nov 10, 2022 · 8 comments
Open

Plugin doesn't work if I don't logged in #1

tupoybot opened this issue Nov 10, 2022 · 8 comments

Comments

@tupoybot
Copy link

tupoybot commented Nov 10, 2022
edited
Loading

I use teamcity for build my project. If I logged in on teamcity agent Windows Server 2022 Core my build works fine. But if I close RDP window, the build crashes with

hcsshim::CreateComputeSystem c83e4f625809f9b8492b73617d2d2888bf8308768c6afc9c0e49410918a681a4: winapi error #3489792023.

I see many log items about successful plugin work

TimeCreated : 11/10/2022 9:26:18 PM
ProviderName : Microsoft-Windows-Containers-CCG
Id : 2
Message : Container Credential Guard fetched gmsa credentials for service_gmsa$ using plugin:
{DEFFF03C-3245-465F-8391-CC586A2D1F32}.

TimeCreated : 11/10/2022 9:26:18 PM
ProviderName : Microsoft-Windows-Containers-CCG
Id : 2
Message : Container Credential Guard fetched gmsa credentials for service_gmsa$ using plugin:
{DEFFF03C-3245-465F-8391-CC586A2D1F32}.

But after I close RDP I see

TimeCreated : 11/10/2022 9:29:44 PM
ProviderName : Microsoft-Windows-Containers-CCG
Id : 4
Message : Container Credential Guard failed to instantiate the plugin: {DEFFF03C-3245-465F-8391-CC586A2D1F32}.
Error: The server process could not be started because the configured identity is incorrect. Check the
username and password.
@ChrisKlug
Copy link

The reason is probably that the COM-component is registered to run as a the currently logged in user in Windows. Try changing it to run as NETWORK SERVICE LOCAL SYSTEM.

@tupoybot
Copy link
Author

tupoybot commented Nov 29, 2022
edited
Loading

How I can do it?
I register this component via automated script which run by teamcity user. docker build I also run by teamcity

@ChrisKlug
Copy link

You need to go to "Component Services" > Computers > My Computer > COM+ Applications > "Your component" > Properties > Identity.
Or

$comAdmin = New-Object -comobject COMAdmin.COMAdminCatalog
$apps = $comAdmin.GetCollection("Applications")
$apps.Populate()
$app = $apps | Where-Object {$_.Name -eq "<PLUGIN NAME>"}
$app.Value("Identity") = "NT AUTHORITY\NetworkService"
$apps.SaveChanges()

@tupoybot
Copy link
Author

Thank you!
I'll try

@tupoybot
Copy link
Author

tupoybot commented Dec 5, 2022

it seems work!

@macsux
Copy link
Owner

macsux commented Dec 5, 2022

Awesome. Enjoy

@tupoybot
Copy link
Author

tupoybot commented Dec 5, 2022

What about include this article to readme?

@macsux
Copy link
Owner

macsux commented Dec 5, 2022 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@macsux @ChrisKlug @tupoybot