英文:
docker login - where are login credentials saved on the server?
问题
我使用一些 服务账号 来执行 docker login 操作到我们公司的仓库。密码在 1 年后会过期并需要更改。一旦我启动安装了 Docker 的虚拟机,我的 服务账号 凭据会立即被锁定,我无法通过 docker login 更新新密码,因为账号被锁定。似乎它在某处引用和使用旧密码,我没有在服务器端自动运行任何 Docker 操作。
服务器/虚拟机在哪里存储有关旧密码的信息,以便我可以删除/更新这些旧数据?
我可以尝试/检查什么?
谢谢
英文:
I am using some service account for docker login operation to our company repo.
Password expires and needs to be changed after 1 year period.
Once I start VM where docker is installed, my service account credentials are immediately locked, and I am not able to update new password with docker login since account is locked. It seems like it references and consumes somewhere old password, I do not run any docker operation automatically on the server side.
Where does server/VM stores information about old password - so I could remove/update those old data?
What I could try/check?
Thank you
答案1
得分: 0
问题已通过禁用引用服务帐户凭据以启动服务的Windows服务来解决。这导致了用户锁定。
这是Azure管道代理服务,其登录帐户为旧凭据的服务帐户。
错误和跟踪可以在事件查看器中注意到 - 它报告了如下错误:
“Azure管道代理(“service_name”)服务由于以下错误而无法启动:
由于登录失败,服务未能启动。”
和
“vstsagent。“service_name”服务无法使用当前配置的密码以Domain\svcacct-user身份登录,原因如下:
引用的帐户当前被锁定,可能无法登录。”
英文:
Issue was resolved by disabling the Windows Service which referenced service account credentials for starting the service. This caused user locking.
It was Azure Pipeline Agent service which had as a logon account service account old credentials.
The error, and traces can be noticed in the Event Viewer - it reported errors such as:
The Azure Pipelines Agent ("service_name") service failed to start due to the following error:
The service did not start due to a logon failure.
and
The vstsagent."service_name" service was unable to log on as Domain\svcacct-user with the currently configured password due to the following error:
The referenced account is currently locked out and may not be logged on to.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论