CIFS volume for a Windows domain user

Docker Desktop
1

All the usernames, password, IPs etc here are fake.

I am running Docker Desktop on Windows 11 - let’s call it “local machine”.

There is another machine running Windows 11 - let’s call it “remote machine”. It has IP “192.168.0.1”. Its hostname is REMOTEHOST.

I am logged in on the local machine with a domain user MYDOMAINUSER. MYDOMAINUSER’s domain is MYDOMAIN (as given by environment variable USERDOMAIN). Env variable USERDNSDOMAIN is “Mydomain.Foo.Bar”.

I am also logged in on the remote machine with the same domain user MYDOMAIN\MYDOMAINUSER. The password is My!P@55w0rd

I created a folder in location C:/Users/MYDOMAINUSER/share on the remote machine and shared it with MYDOMAIN\MYDOMAINUSER.

On the local machine I am doing the following:

docker volume create \
	--driver local \
	--opt type=cifs \
	--opt device=//192.168.0.1/Users/MYDOMAINUSER/share \
	--opt "o=username=MYDOMAINUSER,domain=MYDOMAIN,password=My!P@55w0rd" \
	--name cif-volume

I then run:

docker run --mount source=cif-volume,target=/mount_point mycontainer

This result in an error:

docker: Error response from daemon: error while mounting volume ‘/var/lib/docker/volumes/cif-volume/_data’: failed to mount local volume: mount //192.168.0.1/Users/MYDOMAINUSER/share:/var/lib/docker/volumes/cif-volume/_data, data: o=username=MYDOMAINUSER,domain=MYDOMAIN,password=My!P@55w0rd: permission denied.

How to correctly create this volume?

Additional information:

  • I can successfully log into the remote machine using Window’s remote desktop tool with user MYDOMAIN\MYDOMAINUSER and password My!P@55w0rd

  • On the local machine, when I enter \REMOTEHOST\Users\MYDOMAINUSER\share into the Windows file explorer I see the contents of the shared folder.

  • When I create NONDOMAINUSER user on the remote machine, create folder C:\Users\NONDOMAINUSER\share and share it with MYDOMAIN\MYDOMAINUSER and then on the local machine I run

docker volume create \
	--driver local \
	--opt type=cifs \
	--opt device=//192.168.0.1/Users/NONDOMAINUSER/share \
	--opt "o=username=NONDOMAINUSER,password=passwordofthenondomainuser" \
	--name cif-volume-nondomain

I then run:

docker run --mount source=cif-volume-nondomain,target=/mount_point mycontainer

It works and the container can access the contents of /mount_point