Managing users in your enterprise

Site administrators can promote any normal user account to a site administrator, as well as demote other site administrators to regular users.

Outside of instance-level security measures (SSL, subdomain isolation, configuring a firewall) that a site administrator can implement, there are steps your users can take to help protect your GitHub Enterprise Server instance.

The GitHub Enterprise Server audit log dashboard shows site administrators the actions performed by all users and organizations across your GitHub Enterprise Server instance within the past 90 days. It includes details such as who performed the action, what the action was, and when it was performed.

A user account is considered to be dormant if it has not been active for at least a month. You may choose to suspend dormant users to free up user licenses.

If a user leaves or moves to a different part of the company, you should remove or modify their ability to access your GitHub Enterprise Server instance.

You can place a legal hold on a user or organization to ensure that repositories they own cannot be permanently removed from your GitHub Enterprise Server instance.

Site administrators can initiate an instance-wide audit of SSH keys.

You can create custom messages that users will see on the sign in and sign out pages.

To make it easy for users to respond quickly to activity on GitHub Enterprise Server, you can configure your instance to send email notifications on issue, pull request, and commit comments, as well as additional settings to allow inbound email replies. Notification emails are sent if there is activity on a repository a user is watching, if there is activity in a pull request or issue they are participating in, or if the user or team they're a member of are @mentioned in a comment.

You may need to rebuild contributions data to link existing commits to a user account.

Site administrators can view, add, edit, and delete global webhooks to track events at the instance level.