ENGDOCS-2072 #19857
ENGDOCS-2072 #19857
Conversation
github-actions
bot
added
area/hub
✅ Deploy Preview for docsdocker ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
There was a problem hiding this comment.
Need to also replace some implementation details once https://github.com/docker/pinata/pull/28020 is merged as it changes the data structures of the registry key and the plist.
content/desktop/hardened-desktop/enhanced-container-isolation/_index.md
Outdated
Show resolved
Hide resolved
content/desktop/hardened-desktop/settings-management/configure.md
Outdated
Show resolved
Hide resolved
aevesdocker
requested review from
craig-osterhout and
stephaurelio
as code owners
There was a problem hiding this comment.
There are a few lines that needs to be adjusted to reflect some last-minute changes (apologise about that).
I also added a few suggestions/optional changes, all marked with the 💡 emoji.
I do not see a comment about supporting only one entry for the allowedOrgs, despite giving the option to put more than one value. If an admin put more than one value in allowedOrgs, the log-in enforcement will silently fail. So better make it clear.
Other than that, everything else looks brilliant. Thanks for doing this!
| 2. Within Group Policy, create or edit a Group Policy Objective (GPO) that applies to the machines or users you wish to target. | ||
| 3. Within the GPO, navigate to **Computer Configuration** > **Preferences** > **Windows Settings** > **Registry**. | ||
| 4. Add the registry item. Right-click on the **Registry** node, select **New** > **Registry Item**. | ||
| 5. Configure the new registry item to match the registry script you created, specifying the action as **Update**. Make suer you input the correct path, value name (`allowedOrgs`), and value data (your organization’s name). |
There was a problem hiding this comment.
Small typo:
| 5. Configure the new registry item to match the registry script you created, specifying the action as **Update**. Make suer you input the correct path, value name (`allowedOrgs`), and value data (your organization’s name). | |
| 5. Configure the new registry item to match the registry script you created, specifying the action as **Update**. Make sure you input the correct path, value name (`allowedOrgs`), and value data (your organization’s name). |
| 1. Create a Bash script that can check for the existence of the `.plist` file in the correct directory, create or modify it as needed, and set the appropriate permissions. | ||
| Include commands in your script to: | ||
| - Navigate to the `/Library/Application Support/com.docker.docker/` directory or create it if it doesn't exist. | ||
| - Use the `defaults` command to write the required keys and values to the `desktop.plist` file. For example, `defaults write /Library/Application\ Support/com.docker.docker/desktop.plist allowedOrgs -string "myorg"`. |
There was a problem hiding this comment.
The example defaults write... is a little long when I view the deploy preview and ends with the period on a new line. Is it work using a code block here instead?
There was a problem hiding this comment.
oop, yes, changed!
| > This means that your users must use SSO to sign in, instead of a username and password. | ||
| > When you enforce sign-in and enforce SSO, your users must sign in and must use SSO to do so. | ||
| > See [Enforce SSO](/security/for-admins/single-sign-on/connect#optional-enforce-sso) for details on how to enable this for your SSO connection. | ||
| { .tip } |
There was a problem hiding this comment.
Suggestion: Maybe can add a "Next steps" section here linking to the Methods page?
There was a problem hiding this comment.
Did consider that, but have already got links to the methods page up on line 18,19,20, so wasn't sure if it would be too repetitive
|
Closing as new PR replaces this |
Description
For release with DD4.31 (maybe)
Related issues or tickets
Reviews