Add domain audit (#16293)

* Add domain audit feature for early access

_data/toc.yaml

@@ -1820,6 +1820,8 @@ manuals:
          title: FAQs
   - path: /docker-hub/scim/
     title: SCIM
+  - path: /docker-hub/domain-audit/
+    title: Domain audit
   - path: /docker-hub/image-access-management/
     title: Image Access Management
 

docker-hub/domain-audit.md

@@ -0,0 +1,34 @@
+---
+description: Audit your domains for uncaptured users.
+keywords: domain audit, security
+title: Domain audit
+---
+
+> **Note**
+>
+> Domain audit is currently in [Early Access](../release-lifecycle.md/#early-access-ea).
+> The feature is enabled for specific user groups as part of an incremental roll-out strategy.
+
+When your organization has configured SSO, and you have verified your domains, you can audit your domains. Auditing your domains will identify uncaptured users that have authenticated with an email associated with one of your verified domains.
+
+Uncaptured users can pose a security threat to your environment since your organization's security settings aren't applied to the user's sessions who aren't part of your organization. In addition, you won't have visibility into the activity of uncaptured users.
+
+You can add uncaptured users to your organization to gain visibility into their activity and apply your organization's security settings. Additionally, you can enforce sign-in to ensure that only members of your organization can sign in to Docker Desktop in your environment. For more details about enforcing sign-in, see [Configure registry.json to enforce sign-in](../docker-hub/configure-sign-in.md).
+
+## Audit your domains for uncaptured users
+
+To audit your domains:
+
+1. Sign in to [Docker Hub](https://hub.docker.com){: target="_blank" rel="noopener" class="_"} as an administrator of your organization.
+
+2. Select **Organizations** and then select your organization.
+
+3. Select **Settings** and then select **Security**.
+
+4. In **Domain Audit**, select **Export Users** to export a CSV file of uncaptured users with the following columns:
+  - Name: The name of the user.
+  - Username: The Docker ID of the user.
+  - Email: The email address of the user.
+  - Date Joined: The date the user created their Docker account.
+
+You can invite all the uncaptured users to your organization using the exported CSV file. For more details, see [Invite members via CSV file](../docker-hub/members.md/#invite-members-via-csv-file).

docker-hub/onboarding-faqs.md

@@ -144,4 +144,10 @@ A registry is a hosted service containing repositories of images that responds t
 
 ### What is included in my Docker Business or Team plan?
 
-For a list of features available in each tier, see [Docker subscription overview](../subscription/index.md).
+For a list of features available in each tier, see [Docker subscription overview](../subscription/index.md).
+
+### Can I delete or deactivate a Docker account for another user?
+
+Only someone with access to the Docker account can deactivate the account. For more details, see [Deactivating an account](../docker-hub/deactivate-account.md/).
+
+If the user is a member of your organization, you can remove the user from your organization. For more details, see [Remove members](../docker-hub/members.md/#remove-members).

docker-hub/release-notes.md

@@ -11,9 +11,16 @@ known issues for each Docker Hub release.
 
 Take a look at the [Docker Public Roadmap](https://github.com/docker/roadmap/projects/1){: target="_blank" rel="noopener" class="_"} to see what's coming next.
 
+## 2022-12-12
+
+### New
+
+- The new [domain audit](../docker-hub/domain-audit.md) feature lets you audit your domains for users who aren't a member of your organization.
+
+
 ## 2022-09-26
 
-### New 
+### New
 
 - The new [autobuild feature](../docker-hub/builds/index.md#check-your-active-builds) lets you view your in-progress logs every 30 seconds instead of when the build is complete.