403 Error When Trying To Access Windows Service Container

OS Version/Build: Windows 10 Enterprise/19045.2364
App Version: .NET Framework 4.8

Hi all, new to docker and am working on trying to containerize one of my org’s solutions. It’s a windows service that is used to build data packages that are distributed to clients. It has a small web front end that is used to interact with it and kick off package builds. After building the image and running the container, I have all of the binaries from the Visual Studio solution copied over to a directory under C:/inetpub/wwwroot on the container, and have a port mapping from 1337 on my host machine to 80 on the container.

However, when I try to browse to localhost:1337 to access the web front end for the service running on the container I get a 403 error like the attached image. Would anyone happen to know what might be causing this?
I’ve attached the Dockerfile text as well for reference at the bottom, thanks in advance for any help.


FROM mcr.microsoft.com/dotnet/framework/aspnet:4.8-windowsservercore-ltsc2019

SHELL [“powershell”, “-Command”, “$ErrorActionPreference = ‘Stop’; $ProgressPreference = ‘SilentlyContinue’;”]

COPY [“./bin”, “/inetpub/wwwroot/”]
RUN icacls ‘C:/inetpub/wwwroot’ /grant ‘Everyone:(OI)(CI)F’
WORKDIR “C:/inetpub/wwwroot/”
RUN New-Service -Name “"CDR”" -StartupType “"Automatic”" -BinaryPathName “"C:\inetpub\wwwroot\CDR_Service.exe”";

ENTRYPOINT [“powershell”]
CMD Start-Service "“CDR Service"”;
Get-EventLog -LogName System -After (Get-Date).AddHours(-1) | Format-List ;
$idx = (get-eventlog -LogName System -Newest 1).Index;
while ($true)
start-sleep -Seconds 1;
$idx2 = (Get-EventLog -LogName System -newest 1).index;
get-eventlog -logname system -newest ($idx2 - $idx) | sort index | Format-List;
$idx = $idx2;

Does the process you did on the docker file works on a regular deployment, as in a regular VM? If you have the binaries from VS, it seems you’re missing the restore process.

A couple options:

  1. You can try to run as indicated in the sample here: dotnet-framework-docker/Dockerfile at main · microsoft/dotnet-framework-docker (github.com)
  2. You can try to use teh IIS image Windows IIS by Microsoft | Docker Hub
  3. You can try to enable remote management for IIS: 5 tips for IIS on containers: Bonus – IIS remote management - Microsoft Community Hub This can be useful in case there’s a misconfiguration of IIS that you can catch with the GUI. Just remember that you should then bring that config to the docker file. :slight_smile: