PS C:\> ls C:\ Directory: C:\ Mode LastWriteTime Length Name ---- ------------- ------ ---- d----- 4/14/2020 7:46 PM inetpub d-r--- 4/13/2020 3:39 AM Program Files d----- 4/13/2020 3:38 AM Program Files (x86) d-r--- 4/13/2020 3:40 AM Users d----- 4/14/2020 7:46 PM Windows -a---- 9/15/2018 9:42 AM 5510 License.txt -a---- 4/14/2020 7:46 PM 168344 ServiceMonitor.exe PS C:\> exit PS C:\Users\JimmyCater> docker container stop ISSServer ISSServer PS C:\Users\JimmyCater> docker start ISSServer ISSServer PS C:\Users\JimmyCater> docker exec -it ISSServer powershell Windows PowerShell Copyright (C) Microsoft Corporation. All rights reserved. PS C:\> ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : 14698ed7a9a7 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : u5dtxjikcnhuvdxr1ewys02vbg.bx.internal.cloudapp.net Ethernet adapter vEthernet (Ethernet): Connection-specific DNS Suffix . : u5dtxjikcnhuvdxr1ewys02vbg.bx.internal.cloudapp.net Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2 Physical Address. . . . . . . . . : 00-15-5D-C5-5B-72 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::458:7b68:5ab6:c8f6%17(Preferred) IPv4 Address. . . . . . . . . . . : 172.31.114.53(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.240.0 Default Gateway . . . . . . . . . : 172.31.112.1 168.63.129.16 NetBIOS over Tcpip. . . . . . . . : Disabled Connection-specific DNS Suffix Search List : u5dtxjikcnhuvdxr1ewys02vbg.bx.internal.cloudapp.net PS C:\> ls env:\ Name Value ---- ----- ALLUSERSPROFILE C:\ProgramData APPDATA C:\Users\ContainerAdministrator\AppData\Roaming CommonProgramFiles C:\Program Files\Common Files CommonProgramFiles(x86) C:\Program Files (x86)\Common Files CommonProgramW6432 C:\Program Files\Common Files COMPUTERNAME 14698ED7A9A7 ComSpec C:\Windows\system32\cmd.exe DriverData C:\Windows\System32\Drivers\DriverData LOCALAPPDATA C:\Users\ContainerAdministrator\AppData\Local NUMBER_OF_PROCESSORS 2 OS Windows_NT Path C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPo... PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL PROCESSOR_IDENTIFIER Intel64 Family 6 Model 85 Stepping 4, GenuineIntel PROCESSOR_LEVEL 6 PROCESSOR_REVISION 5504 ProgramData C:\ProgramData ProgramFiles C:\Program Files ProgramFiles(x86) C:\Program Files (x86) ProgramW6432 C:\Program Files PSModulePath C:\Users\ContainerAdministrator\Documents\WindowsPowerShell\Modules;C:\Program Files\... PUBLIC C:\Users\Public SystemDrive C: SystemRoot C:\Windows TEMP C:\Users\ContainerAdministrator\AppData\Local\Temp TMP C:\Users\ContainerAdministrator\AppData\Local\Temp USERDOMAIN User Manager USERNAME ContainerAdministrator USERPROFILE C:\Users\ContainerAdministrator windir C:\Windows PS C:\> ls hklm:\ Hive: HKEY_LOCAL_MACHINE Name Property ---- -------- Hardware SAM ls : Requested registry access is not allowed. At line:1 char:1 + ls hklm:\ + ~~~~~~~~~ + CategoryInfo : PermissionDenied: (HKEY_LOCAL_MACHINE\Security:String) [Get-ChildItem], SecurityExceptio n + FullyQualifiedErrorId : System.Security.SecurityException,Microsoft.PowerShell.Commands.GetChildItemCommand SOFTWARE SYSTEM PS C:\> ls hkcu:\ Hive: HKEY_CURRENT_USER Name Property ---- -------- Console ColorTable00 : 789516 ColorTable01 : 14300928 ColorTable02 : 958739 ColorTable03 : 14521914 ColorTable04 : 2035653 ColorTable05 : 9967496 ColorTable06 : 40129 ColorTable07 : 13421772 ColorTable08 : 7763574 ColorTable09 : 16742459 ColorTable10 : 837142 ColorTable11 : 14079585 ColorTable13 : 10354868 ColorTable14 : 10875385 ColorTable15 : 15921906 CtrlKeyShortcutsDisabled : 0 CursorColor : 4294967295 CursorSize : 25 EnableColorSelection : 0 ExtendedEditKey : 1 ExtendedEditKeyCustom : 0 FaceName : __DefaultTTFont__ FilterOnPaste : 1 FontFamily : 0 FontSize : 1048576 FontWeight : 0 FullScreen : 0 HistoryBufferSize : 50 HistoryNoDup : 0 InsertMode : 1 LineSelection : 1 LineWrap : 1 LoadConIme : 1 NumberOfHistoryBuffers : 4 PopupColors : 245 ScreenBufferSize : 589889656 ScreenColors : 7 ScrollScale : 1 TrimLeadingZeros : 0 WindowAlpha : 255 WindowSize : 1966200 WordDelimiters : 0 Control Panel Environment Path : C:\Users\ContainerAdministrator\AppData\Local\Microsoft\WindowsApps; TMP : C:\Users\ContainerAdministrator\AppData\Local\Temp Keyboard Layout Network Software PS C:\> get-psdrive Name Used (GB) Free (GB) Provider Root CurrentLocation ---- --------- --------- -------- ---- --------------- Alias Alias Cert Certificate \ Env Environment Function Function HKCU Registry HKEY_CURRENT_USER HKLM Registry HKEY_LOCAL_MACHINE Variable Variable WSMan WSMan PS C:\> Get-LocalUser Name Enabled Description ---- ------- ----------- Administrator False Built-in account for administering the computer/domain DefaultAccount False A user account managed by the system. Guest False Built-in account for guest access to the computer/domain WDAGUtilityAccount False A user account managed and used by the system for Windows Defender Application Guard scen... PS C:\> Get-LocalUser Name Enabled Description ---- ------- ----------- Administrator False Built-in account for administering the computer/domain DefaultAccount False A user account managed by the system. Name Enabled Description ---- ------- ----------- Administrator False Built-in account for administering the computer/domain DefaultAccount False A user account managed by the system. Guest False Built-in account for guest access to the computer/domain WDAGUtilityAccount False A user account managed and used by the system for Windows Defender Application Guard scen... PS C:\> New-LocalUser cmdlet New-LocalUser at command pipeline position 1 Supply values for the following parameters: Name: JimmyCater Password: ************* Name Enabled Description ---- ------- ----------- JimmyCater True PS C:\> Get-LocalUser Name Enabled Description ---- ------- ----------- Administrator False Built-in account for administering the computer/domain DefaultAccount False A user account managed by the system. Guest False Built-in account for guest access to the computer/domain JimmyCater True WDAGUtilityAccount False A user account managed and used by the system for Windows Defender Application Guard scen... PS C:\> Get-LocalUser | Select name, sid Name SID ---- --- Administrator S-1-5-21-3839953091-313940097-3872149340-500 DefaultAccount S-1-5-21-3839953091-313940097-3872149340-503 Guest S-1-5-21-3839953091-313940097-3872149340-501 JimmyCater S-1-5-21-3839953091-313940097-3872149340-1000 WDAGUtilityAccount S-1-5-21-3839953091-313940097-3872149340-504