Teams give organizations the ability to create groups of members and control access to repositories. Team members can be granted read, write, or admin permissions to specific repositories.

Teams are central to many of GitHub's collaborative features, such as team @mentions to notify appropriate parties that you'd like to request their input or attention. For more details on how you can use organizations and teams to control repository access, see "Permission levels for an organization repository".

Teams can map to physical teams within your company, but they can also represent areas of interest or expertise. For example, a team of accessibility experts on your Enterprise instance could comprise people from several different departments. In this way, teams can represent functional concerns that complement a company's existing divisional hierarchy.

Creating a team

A prudent combination of teams is a powerful way to control repository access. For example, if your organization allows only your release engineering team to push code to the master branch of any repository, you could give only the release engineering team Push & Pull permissions to your organization's repositories and give all other teams Pull Only permissions.

  1. In the top right corner of any page, click your profile photo, then click Your profile. Profile photo

  2. On the left side of your profile page, under "Organizations", click the icon for your organization. organization icons

  3. On the right side of the organization profile page, under Teams, click Create new team. Team panel with New Team button selected

  4. On the "Create new team" page, type the name for your new team. Team name field

  5. Optionally, in the "Description" field, type a description of the team. Team description field

  6. Select permission levels for the team. Team permission radio buttons

  7. Click Create team. Create team button

Creating teams with LDAP Sync enabled

Instances using LDAP for user authentication can use LDAP Sync to manage a team's members by mapping a team to an LDAP group on your LDAP server by setting the groups Distinguished Name (DN) in the LDAP group field. This automates granting and removing access to repositories based on LDAP Group membership, so normal team member management within your GitHub Enterprise instance is disabled. The mapped team will sync its members in the background and periodically at the interval configured when LDAP Sync was enabled.

Notes:

  • LDAP Sync only manages the team's member list. You must manage the team's repositories and permissions from within GitHub Enterprise.
  • If an LDAP group mapping to a DN is removed, such as if the LDAP group is deleted, then every member is removed from the synced GitHub Enterprise team. To fix this, map the team to a new DN, add the team members back, and manually sync the mapping.
  1. Ensure that LDAP Sync is enabled.

  2. In the top right corner of any page, click your profile photo, then click Your profile. Profile photo

  3. On the left side of your profile page, under "Organizations", click the icon for your organization. organization icons

  4. On the "Create new team" page, type the name for your new team. Team name field

  5. Search for an LDAP group's DN to map the team to. If you don't know the DN, type the LDAP group's name. GitHub Enterprise will search for and autocomplete any matches. Mapping to the LDAP group DN

  6. Optionally, in the "Description" field, type a description of the team. Team description field

  7. Select permission levels for the team. Team permission radio buttons

  8. Click Create team. Create team button