From 2b55f06b1c22ae2a7805ab1d4060462089158b62 Mon Sep 17 00:00:00 2001
From: Luciano Ciccariello <xeeynamo@hotmail.com>
Date: Fri, 31 Oct 2025 22:35:15 +0000
Subject: [PATCH 1/2] Refresh Config Profiles documentation

---
 .../security/enforce-sign-in/methods.md       | 71 +++++++++++--------
 1 file changed, 43 insertions(+), 28 deletions(-)

diff --git a/content/manuals/enterprise/security/enforce-sign-in/methods.md b/content/manuals/enterprise/security/enforce-sign-in/methods.md
index 3e5e65fe668..380bff549ab 100644
--- a/content/manuals/enterprise/security/enforce-sign-in/methods.md
+++ b/content/manuals/enterprise/security/enforce-sign-in/methods.md
@@ -91,17 +91,18 @@ In Docker Desktop version 4.48 and later, the following keys are also supported:
 - `overrideProxyPAC`: Sets the file path where the PAC file is located. It has precedence over the remote PAC file on the selected proxy.
 - `overrideProxyEmbeddedPAC`: Sets the content of an in-memory PAC file. It has precedence over `overrideProxyPAC`.
 
-Overriding at least one of the proxy settings via Configuration profiles will automatically lock the settings as they're managed by macOS. 
+Overriding at least one of the proxy settings via Configuration profiles will automatically lock the settings as they're managed by macOS.
 
-1. Create a file named `docker.mobileconfig` with this content:
+
+1. Create a file named `docker.mobileconfig` and include the following content:
    ```xml
-    <?xml version="1.0" encoding="UTF-8"?>
-    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-    <plist version="1.0">
-      <dict>
-        <key>PayloadContent</key>
-        <array>
-          <dict>
+   <?xml version="1.0" encoding="UTF-8"?>
+   <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+   <plist version="1.0">
+   <dict>
+      <key>PayloadContent</key>
+      <array>
+         <dict>
             <key>PayloadType</key>
             <string>com.docker.config</string>
             <key>PayloadVersion</key>
@@ -122,32 +123,46 @@ Overriding at least one of the proxy settings via Configuration profiles will au
             <string>http://company.proxy:port</string>
             <key>overrideProxyHTTPS</key>
             <string>https://company.proxy:port</string>
-          </dict>
-        </array>
-        <key>PayloadType</key>
-        <string>Configuration</string>
-        <key>PayloadVersion</key>
-        <integer>1</integer>
-        <key>PayloadIdentifier</key>
-        <string>com.yourcompany.docker.config</string>
-        <key>PayloadUUID</key>
-        <string>0deedb64-7dc9-46e5-b6bf-69d64a9561ce</string>
-        <key>PayloadDisplayName</key>
-        <string>Docker Desktop Config Profile</string>
-        <key>PayloadDescription</key>
-        <string>Config profile to enforce Docker Desktop settings for allowed organizations.</string>
-        <key>PayloadOrganization</key>
-        <string>Your Company Name</string>
-      </dict>
-    </plist>
+         </dict>
+      </array>
+      <key>PayloadType</key>
+      <string>Configuration</string>
+      <key>PayloadVersion</key>
+      <integer>1</integer>
+      <key>PayloadIdentifier</key>
+      <string>com.yourcompany.docker.config</string>
+      <key>PayloadUUID</key>
+      <string>0deedb64-7dc9-46e5-b6bf-69d64a9561ce</string>
+      <key>PayloadDisplayName</key>
+      <string>Docker Desktop Config Profile</string>
+      <key>PayloadDescription</key>
+      <string>Config profile to enforce Docker Desktop settings for allowed organizations.</string>
+      <key>PayloadOrganization</key>
+      <string>Your Company Name</string>
+   </dict>
+   </plist>
    ```
 1. Replace placeholders:
    - Change `com.yourcompany.docker.config` to your company identifier
    - Replace `Your Company Name` with your organization name
+   - Replace `PayloadUUID` with a randomly generated UUID
    - Update the `allowedOrgs` value with your organization names (separated by semicolons)
    - Replace `company.proxy:port` with http/https proxy server host(or IP address) and port
 1. Deploy the profile using your MDM solution.
-1. Verify the profile appears in **System Settings** > **General** > **Device Management** under **Device (Managed)** profiles.
+1. Verify the profile appears in **System Settings** > **General** > **Device Management** under **Device (Managed)**. Ensure the profile is listed with the correct name and settings.
+
+Some MDM solutions allow specifying the payload as a plain dictionary of key-value settings without the full `.mobileconfig` wrapper:
+
+```xml
+<dict>
+   <key>allowedOrgs</key>
+   <string>first_org;second_org</string>
+   <key>overrideProxyHTTP</key>
+   <string>http://company.proxy:port</string>
+   <key>overrideProxyHTTPS</key>
+   <string>https://company.proxy:port</string>
+</dict>
+```
 
 ## macOS: plist file method
 

From cb1e42a39056a86b687badc0b42de1ad22f5a72e Mon Sep 17 00:00:00 2001
From: Allie Sadler <102604716+aevesdocker@users.noreply.github.com>
Date: Mon, 3 Nov 2025 15:30:52 +0000
Subject: [PATCH 2/2] Update
 content/manuals/enterprise/security/enforce-sign-in/methods.md

---
 content/manuals/enterprise/security/enforce-sign-in/methods.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/manuals/enterprise/security/enforce-sign-in/methods.md b/content/manuals/enterprise/security/enforce-sign-in/methods.md
index 380bff549ab..586f99684c5 100644
--- a/content/manuals/enterprise/security/enforce-sign-in/methods.md
+++ b/content/manuals/enterprise/security/enforce-sign-in/methods.md
@@ -151,7 +151,7 @@ Overriding at least one of the proxy settings via Configuration profiles will au
 1. Deploy the profile using your MDM solution.
 1. Verify the profile appears in **System Settings** > **General** > **Device Management** under **Device (Managed)**. Ensure the profile is listed with the correct name and settings.
 
-Some MDM solutions allow specifying the payload as a plain dictionary of key-value settings without the full `.mobileconfig` wrapper:
+Some MDM solutions let you specify the payload as a plain dictionary of key-value settings without the full `.mobileconfig` wrapper:
 
 ```xml
 <dict>