File: content/manuals/enterprise/enterprise-deployment/faq.md

Issue

The PowerShell script provided as a workaround for populating the docker-users group will fail when executed because it attempts to create a group that already exists:

$Group = "docker-users"
$CurrentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

# Create the group
New-LocalGroup -Name $Group

# Add the user to the group
Add-LocalGroupMember -Group $Group -Member $CurrentUser

The FAQ explains that when Docker Desktop is installed via MDM (like Intune) in the system context, the MSI installer creates the docker-users group but doesn't populate it with user accounts. The script is meant to add users to this existing group, but it tries to create the group first with New-LocalGroup -Name $Group, which will fail with an error like "The specified local group already exists."

Why this matters

Users following this guidance will encounter a PowerShell error when they run the script. The New-LocalGroup command will fail because the MSI installer has already created the docker-users group during installation. This makes the workaround unusable without modification.

Suggested fix

The script should check if the group exists before attempting to create it, or simply remove the group creation step entirely since the MSI installer already creates the group. Here's a corrected version:

$Group = "docker-users"
$CurrentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

# Create the group only if it doesn't exist
if (-not (Get-LocalGroup -Name $Group -ErrorAction SilentlyContinue)) {
    New-LocalGroup -Name $Group
}

# Add the user to the group
Add-LocalGroupMember -Group $Group -Member $CurrentUser

Or more simply, since the MSI creates the group:

$Group = "docker-users"
$CurrentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

# Add the user to the group
Add-LocalGroupMember -Group $Group -Member $CurrentUser

Found by nightly documentation quality scanner