diff --git a/_includes/configure-registry-json.md b/_includes/configure-registry-json.md index 9d744f48b3..2559813052 100644 --- a/_includes/configure-registry-json.md +++ b/_includes/configure-registry-json.md @@ -2,63 +2,68 @@ ## Create a registry.json file -After you’ve successfully installed Docker Desktop, create a `registry.json` -file. Before you create a `registry.json` file, ensure that the developer is a -member of at least one organization in Docker Hub. If the `registry.json` file -matches at least one organization the developer is a member of, they can sign -into Docker Desktop, and then access all their organizations. +When creating a `registry.json` file, ensure that the developer is a member of +at least one organization in Docker Hub. If the `registry.json` file matches at +least one organization the developer is a member of, they can sign in to Docker +Desktop and access all their organizations. ### Windows -On Windows, you must create a file at -`C:\ProgramData\DockerDesktop\registry.json` with file permissions that ensure -that the developer using Docker Desktop cannot remove or edit the file (that is, -only the system administrator can write to the file). The file must be of type -`JSON` and contain the name of the organization in the `allowedOrgs` key. +On Windows, run the following command in a terminal to install Docker Desktop: -To create your `registry.json` file on Windows: +```console +C:\Users\Admin> "Docker Desktop Installer.exe" install +``` -1. Open Windows PowerShell and select Run as Administrator. -2. Type the following command `cd /ProgramData/DockerDesktop/` -3. Type `notepad registry.json` and enter the name of the Docker Hub - organization that the developer belongs to in the `allowedOrgs` key and click - **Save**. For example: +If you’re using PowerShell, you should run it as: - ```json - { - "allowedOrgs": ["myorg"] - } - ``` +```console +PS> Start-Process '.\win\build\Docker Desktop Installer.exe' -Wait install +``` + +If using the Windows Command Prompt: + +```console +C:\Users\Admin> start /w "" "Docker Desktop Installer.exe" install +``` + +The `install` command accepts the following flag: + +`--allowed-org=` + +This requires the user to sign in and be part of the specified Docker Hub organization +when running the application. For example: + +```console +C:\Users\Admin> "Docker Desktop Installer.exe" install --allowed-org=acmeinc +``` + +This creates the `registry.json` file at `C:\ProgramData\DockerDesktop\registry.json` +and includes the organization information the user belongs to. Make sure this file +can't be edited by the individual developer, only by the administrator. ### Mac -On macOS, you must create a file at `/Library/Application Support/com.docker.docker/registry.json` with file permissions that ensure that -the developer using Docker Desktop cannot remove or edit the file (that is, only -the system administrator can write to the file). The file must be of type `JSON` -and contain the name of the Docker Hub organization names in the `allowedOrgs` -key. +After downloading `Docker.dmg`, run the following commands in a terminal to install +Docker Desktop in the Applications folder: -To create your `registry.json` file on macOS: +```console +$ sudo hdiutil attach Docker.dmg +$ sudo /Volumes/Docker/Docker.app/Contents/MacOS/install +$ sudo hdiutil detach /Volumes/Docker +``` -1. Navigate to VS Code or any text editor of your choice. -2. Enter the name of the Docker Hub organization that the developer belongs to in the `allowedOrgs` key and save it in your Documents. For example: +The `install` command accepts the following flags: - ```json - { - "allowedOrgs": ["myorg"] - } - ``` +`--allowed-org=` -3. Open a new terminal and type the following command: +This requires the user to sign in and be part of the specified Docker Hub +organization when running the application. For example: - ```console - $ sudo mkdir -p /Library/Application\ Support/com.docker.docker - ``` +```console +$ sudo hdiutil attach Docker.dmg --allowed-org=acmeinc +``` - If prompted, type your password associated with your local computer. - -4. Type the following command: - - ```console - $ sudo cp Documents/registry.json /Library/Application\ Support/com.docker.docker/registry.json - ``` +This creates the `registry.json` file at `/Library/Application Support/com.docker.docker/registry.json` +and includes the organization information the user belongs to. Make sure this file +can't be edited by the individual developer, only by the administrator. diff --git a/docker-hub/configure-sign-in.md b/docker-hub/configure-sign-in.md index 76bb4ff230..1dc178ff3f 100644 --- a/docker-hub/configure-sign-in.md +++ b/docker-hub/configure-sign-in.md @@ -5,12 +5,10 @@ title: Configure registry.json to enforce sign in --- The `registry.json` file is a configuration file that allows administrators to -specify the Docker organization the user must belong to, and thereby ensure -that the organization's settings are applied to the user's session. Docker -Desktop installation requires admin access. In large enterprises where admin -access is restricted, administrators can create a `registry.json` file and -deploy it to the users’ machines using a device management software as part of -the Docker Desktop installation process. +specify the Docker organization the user must belong to and ensure that the +organization’s settings apply to the user’s session. The Docker Desktop installer +can create this file and deploy it to the users’ machines as part of the installation +process. After you deploy a `registry.json` file to a user’s machine, it prompts the user to sign into Docker Desktop. If a user doesn’t sign in, or tries to sign in using a different organization, other than the organization listed in the `registry.json` file, they will be denied access to Docker Desktop. Deploying a `registry.json` file and forcing users to authenticate offers the following benefits: