You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/manuals/security/for-admins/hardened-desktop/settings-management/_index.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,9 +13,9 @@ weight: 10
13
13
>
14
14
> Settings Management is available to Docker Business customers only.
15
15
16
-
Settings Management helps you control key Docker Desktop settings, like proxies and network configurations, on your developer's machines within your organization.
16
+
Settings Management helps you control key Docker Desktop settings, like proxies and network configurations, on your developers' machines within your organization.
17
17
18
-
For an extra layer of security, you can also use Settings Management to enable and lock in [Enhanced Container Isolation](../enhanced-container-isolation/_index.md) which ensures that any configurations set with Settings Management cannot be modified by containers.
18
+
For an extra layer of security, you can also use Settings Management to enable and lock in [Enhanced Container Isolation](../enhanced-container-isolation/_index.md), which prevents containers from modifying any Settings Management configurations.
19
19
20
20
## Who is it for?
21
21
@@ -62,13 +62,13 @@ Once this is done, Docker Desktop developers receive the changed settings when t
62
62
- Quit, re-launch, and sign in to Docker Desktop
63
63
- Launch and sign in to Docker Desktop for the first time
64
64
65
-
So as not to disrupt your developers' workflow, Docker doesn't automatically mandate that developers re-launch and re-authenticate once a change has been made.
65
+
To avoid disrupting your developers' workflows, Docker doesn't automatically require that developers re-launch and re-authenticate once a change has been made.
66
66
67
67
## What do developers see when the settings are enforced?
68
68
69
-
Enforced settings in Docker Desktop appear grayed out, making them uneditable through the Docker Desktop Dashboard, CLI, or the `settings-store.json`file (or `settings.json` for Docker Desktop versions 4.34 and earlier).
69
+
Enforced settings appear grayed out in Docker Desktop. They can't be edited via the Docker Desktop Dashboard, CLI, or `settings-store.json` (or `settings.json` for Docker Desktop 4.34 and earlier).
70
70
71
-
In addition, if Enhanced Container Isolation is enforced, developers can't use privileged containers or similar techniques to modify enforced settings within the Docker Desktop Linux VM, for example, reconfigure proxy and networking of reconfigure Docker Engine.
71
+
In addition, if Enhanced Container Isolation is enforced, developers can't use privileged containers or similar techniques to modify enforced settings within the Docker Desktop Linux VM. For example, they can't reconfigure proxy and networking, or Docker Engine.
|`proxy`||If `mode` is set to `system` instead of `manual`, Docker Desktop gets the proxy values from the system and ignores and values set for `http`, `https` and `exclude`. Change `mode` to `manual` to manually configure proxy servers. If the proxy port is custom, specify it in the `http` or `https` property, for example `"https": "http://myotherproxy.com:4321"`. The `exclude` property specifies a comma-separated list of hosts and domains to bypass the proxy. ||
219
-
| `windowsDockerdPort`| Windows only | Exposes Docker Desktop's internal proxy locally on this port for the Windows Docker daemon to connect to. If it is set to 0, a random free port is chosen. If the value is greater than 0, use that exact value for the port. The default value is -1 which disables the option. Note: This is available for Windows containers only. ||
219
+
| `windowsDockerdPort`| Windows only | Exposes Docker Desktop's internal proxy locally on this port for the Windows Docker daemon to connect to. If it is set to 0, a random free port is chosen. If the value is greater than 0, use that exact value for the port. The default value is -1 which disables the option. ||
220
220
| `enableKerberosNtlm`||When set to `true`, Kerberos and NTLM authentication is enabled. Default is `false`. For more information, see the settings documentation. | Docker Desktop version 4.32 and later. |
221
221
222
222
### Container proxy
@@ -271,7 +271,7 @@ The following `admin-settings.json` code and table provides an example of the re
271
271
272
272
For settings to take effect:
273
273
- On a new install, developers need to launch Docker Desktop and authenticate to their organization.
274
-
- On an existing install, developers need to quit Docker Desktop through the Docker menu, and then relaunch Docker Desktop. If they are already signed in, they don't need to sign in again for the changes to take effect.
274
+
- On an existing install, developers need to quit Docker Desktop through the Docker menu, and then re-launch Docker Desktop. If they are already signed in, they don't need to sign in again for the changes to take effect.
275
275
> [!IMPORTANT]
276
276
>
277
277
> Selecting **Restart** from the Docker menu isn't enough as it only restarts some components of Docker Desktop.
0 commit comments