nanoserver-insider image has non-admin user as default?

Brass Contributor

I just want to mention that the microsoft/nanoserver-insider image has the non-admin "ContainerUser" account as default. Is this intented?

Running containers as non-admin is a good thing, but this default sometimes result in some difficulties while building Docker images based on nanoserver-insider.


In a golang+git nanoserver image I had to use a workaround to switch to ContainerAdministrator, setting the machine PATH variable, and switch back:


Otherwise we can only set the users's PATH (setx without /M option):


While creating a Docker image for the Docker swarm visualizer I once again had problems while "npm run dist" os I also had to prepend a "USER ContainerAdministrator" to have write access to C:/app - see the Dockerfile example in

So the question is if the nanoserver-insider image shouldn't have a value for the user just as the windowsservercore-insider image.

If someone wants to change the user, it is possible by adding a line USER ContainerUser in the Dockerfile for any Windows image.


0 Replies