我们经常发布文档更新,此页面的翻译可能仍在进行中。有关最新信息,请访问英文文档。如果此页面上的翻译有问题,请告诉我们
文章版本: Enterprise Server 2.20

Allowing built-in authentication for users outside your identity provider

You can configure built-in authentication to authenticate users who don't have access to your identity provider that uses LDAP, SAML, or CAS.

本文内容

About built-in authentication for users outside your identity provider

You can use built-in authentication for outside users when you are unable to add specific accounts to your identity provider (IdP), such as accounts for contractors or machine users. You can also use built-in authentication to access a fallback account if the identity provider is unavailable.

After built-in authentication is configured and a user successfully authenticates with SAML or CAS, they will no longer have the option to authenticate with a username and password. If a user successfully authenticates with LDAP, the credentials are no longer considered internal.

Built-in authentication for a specific IdP is disabled by default.

Warning: If you disable built-in authentication, you must individually suspend any users that should no longer have access to the instance. For more information, see "Suspending and unsuspending users."

Configuring built-in authentication for users outside your identity provider

  1. 在任何页面的右上角,单击
    用于访问站点管理员设置的火箭图标
  2. 在左侧边栏中,单击 管理控制台
    左侧边栏中的 管理控制台 选项卡
  3. 在左侧边栏中,单击 Authentication(身份验证)
    设置侧边栏中的身份验证选项卡
  4. Select your identity provider.
    Select identity provider option
  5. Select Allow creation of accounts with built-in authentication.
    Select built-in authentication option
  6. Read the warning, then click Ok.

双重身份验证

使用 LDAP 或内置身份验证时,支持双重身份验证。 组织管理员可以要求成员启用双重身份验证。

Inviting users outside your identity provider to authenticate to your instance

When a user accepts the invitation, they can use their username and password to sign in rather than signing in through the IdP.

  1. 登录到 http(s)://HOSTNAME/login 上的 您的 GitHub Enterprise Server 实例。
  2. 在任何页面的右上角,单击
    用于访问站点管理员设置的火箭图标
  3. 在左侧边栏中,单击 Invite user(邀请用户)
    站点管理控制台中的邀请用户选项卡
  4. 输入您要创建的每个用户帐户的用户名和电子邮件地址,然后单击 Generate a password reset link(生成密码重置链接)
    生成密码重置链接按钮

Further reading

问问别人

找不到要找的内容?

联系我们