- This Asus laptop is my go-to MacBook alternative - and it's on sale at Best Buy
- I invested in a subscription-less video doorbell, and it's paying off for my smart home
- This excellent ThinkPad for hybrid workers isn't even Lenovo's newest model (and it's 50% off)
- I replaced my iPhone 16 Pro Max with this pocket camera for video shooting - and can't go back
- This 20-in-1 accessory kit is my favorite laptop essential (and it's on sale)
New Docker Desktop Enterprise Admin Features: MSI Installer and Login Enforcement Alternative | Docker
At Docker, we continuously strive to enhance the ease and security of our platform for all users. We’re excited to launch the general availability for two significant updates: the Docker Desktop MSI installer and a new sign-in enforcement alternative. These updates aim to streamline administration, improve security, and ensure users can take full advantage of Docker Business subscription features.
Docker Desktop MSI installer
Replacing an EXE installer with an MSI installer for desktop applications offers numerous advantages, particularly for enterprise customers:
- Enhanced deployment features: MSI installers provide the ability to manage installations through Group Policy and offer more comprehensive installation and uninstallation control.
- Easier and more secure mass deployment: Facilitates secure, efficient deployment across multiple devices, enhancing IT administration efficiency.
- Widely accepted: MSI installers are recognized in both home and enterprise environments.
- Supports standardized silent install parameters: Aligns with industry standards for silent installations.
- Ideal for large-scale deployment: MSI files can be customized to include specific options, such as silent installs or custom installation paths, making them perfect for corporate environments.
For customers using Intune MDM, we have detailed documentation to assist with integration: Intune MDM Documentation.
To access the installer, navigate to the Docker Admin Console > Security and Access > Deploy Docker Desktop.
Sign-in enforcement: Streamlined alternative for organizations
Recognizing the need for more streamlined and familiar ways to enforce sign-in protocols, Docker is introducing a new sign-in enforcement mechanism for Windows OS (Figure 1). This update brings several business benefits, including increased user logins and better seat allocation awareness, ultimately helping customers maximize their business subscription features and manage license costs more effectively.
We now offer integration with the Windows Registry, allowing admins to add approved organizations directly within familiar Windows system settings. Find out more.
By moving away from the traditional registry.json
method and adopting universally recognized settings, Docker simplifies the process for IT admins already familiar with these systems. This change means:
- Easier integration: Organizations can seamlessly integrate Docker sign-in enforcement into their existing configuration management workflows.
- Simplified administration: Reduces the learning curve and eliminates the need for additional internal approvals for new file types.
These changes are designed to offer quick deployment and familiar processes to IT administrators. We are committed to refining these mechanisms based on user feedback and evolving requirements.
Note that the legacy registry.json
method will continue to work, ensuring support for existing customers, but it should now be considered a legacy method. If you roll out a registry key, it will take precedence over any pre-existing registry.json
.
Roll out the registry key sign-in enforcement at Docker install time via the --allowed-org
flag.
For example, to deploy the MSI installer with sign-in enforcement, run the following:
msiexec /i "DockerDesktop.msi" /L*V ".msi.log" /quiet /norestart ALLOWEDORG="docker.com"
The above command installs Docker Desktop silently with verbose logging, without restarting the system, and it allows only the specified organization (in this case, “docker.com”) to use Docker Desktop by enforcing sign-in.
Check our full step-by-step installation documentation.
Roadmap
We’re also working on several related administrative improvements, such as:
- PKG enterprise installer for macOS.
- macOS configuration profiles for enforcing sign-in.
- Supporting multiple organizations in all available sign-in enforcement mechanism.
Stay tuned for these exciting updates!
Wrapping up
These updates reflect our ongoing commitment to improving the Docker platform for our users. By introducing the Docker Desktop MSI installer and new sign-in enforcement alternatives, we aim to simplify deployment, enhance security, and streamline administration for organizations of all sizes. We encourage IT teams and administrators to start planning for these changes to enhance their Docker experience.