GitHub Enterprise Server User Management Guide

Welcome to the GitHub Enterprise Server User Management Guide. Use this guide to:

• Decide on and implement an authentication method for users signing in to your GitHub Enterprise Server instance.
• Create and manage organizations and teams within your GitHub Enterprise Server instance for repository access and collaboration.
• Configure global webhooks to track events at the instance level.
• Review best practices for ensuring your GitHub Enterprise Server users are keeping themselves and their data as safe and secure as possible.

GitHub Enterprise Server is distributed as a virtual machine image that you install and manage within your existing infrastructure. For more information on installing and configuring your GitHub Enterprise Server instance, see the GitHub Enterprise Server Setup and Configuration Guide.

Table of Contents

• Authenticating users for your GitHub Enterprise Server instance

  • Using built-in authentication
  • Disabling unauthenticated sign-ups
  • Using CAS
  • Using SAML
  • Using LDAP
  • Allowing built-in authentication for users outside your identity provider
  • Changing authentication methods

• Basic account settings

  • Promoting or demoting a site administrator
  • Configuring email for notifications
  • Customizing user messages on your instance
  • Rebuilding contributions data

• Organizations and teams

  • Creating organizations
  • Creating teams
  • Adding people to teams
  • Removing users from teams and organizations
  • Configuring visibility for organization membership
  • Preventing users from creating organizations
  • Placing a legal hold on a user or organization
  • About global webhooks
  • Managing global webhooks

• User security

  • Best practices for user security
  • Requiring two-factor authentication for an organization
  • Managing dormant users
  • Auditing users across your instance
  • Suspending and unsuspending users
  • Auditing SSH keys

• Repositories

  • Allowing admins to enable anonymous Git read access to public repositories
  • Preventing users from changing anonymous Git read access
  • Preventing users from changing a repository's visibility
  • Restricting repository creation in your instance
  • Preventing users from deleting organization repositories
  • Archiving and unarchiving repositories