Github Enterprise Advanced User Management

Hello,

I have been tasked with managing a locally deployed GitHub Enterprise, I work at a university. Currently only staff use GHE but we would like to roll out to students and faculty this year. We use SAML (via Shibboleth) or LDAP for authentication.

Is there any way to control default access by user type? For example, could we have students be able to create their own organizations and disable that feature for staff? Default user behavior seems to only be set at the enterprise level, is there a way around this?

Hey there @SolomonHD :wave:

Looks like this got lost in the shuffle back in May, but since then we have released:

And we have some docs published, here:

For support with this functionality, we recommend starting with our Enterprise Support team:

Hi, out of the box you are limited to enterprise policy settings and within an organization the organization policy settings if they have not been enforced/restricted by the enterprise policy.

You can prevent users from creating organizations in your enterprise (but this applies to all users, so not and answer to users being allowed and staff not ask)
Across all organizations owned by your enterprise, you can set a base repository permission level (none, read, write, or admin) for organization members, or allow owners to administer the setting on the organization level.
Plus many others enterprise and organization policies if you refer to the documentation.

The Enterprise Managed Users mentioned above will not help you as it applies to the Cloud (github.com) not local server deployment. it would not really help the areas you ask about in the cloud either.

1 Like