Teams give organizations the ability to create groups of members and control access to repositories. Team members can be granted read, write, or admin permissions to specific repositories.
Teams are central to many of GitHub's collaborative features, such as team @mentions to notify appropriate parties that you'd like to request their input or attention. For more details on how you can use organizations and teams to control repository access, see "Permission levels for an organization repository".
Teams can map to physical teams within your company, but they can also represent areas of interest or expertise. For example, a team of accessibility experts on your Enterprise instance could comprise people from several different departments. In this way, teams can represent functional concerns that complement a company's existing divisional hierarchy.
Creating a team
A prudent combination of teams is a powerful way to control repository access. For example, if your organization allows only your release engineering team to push code to the master
branch of any repository, you could give only the release engineering team Push & Pull permissions to your organization's repositories and give all other teams Pull Only permissions.
In the top right corner of any page, click your profile photo, then click Your profile.
On the left side of your profile page, under "Organizations", click the icon for your organization.
On the right side of the organization profile page, under Teams, click Create new team.
On the "Create new team" page, type the name for your new team.
Optionally, in the "Description" field, type a description of the team.
Select permission levels for the team.
Click Create team.
Creating teams with LDAP Sync enabled
Instances using LDAP for user authentication can use LDAP Sync to manage a team's members by mapping a team to an LDAP group on your LDAP server by setting the groups Distinguished Name (DN) in the LDAP group field. This automates granting and removing access to repositories based on LDAP Group membership, so normal team member management within your GitHub Enterprise instance is disabled. The mapped team will sync its members in the background and periodically at the interval configured when LDAP Sync was enabled.
Notes:
- LDAP Sync only manages the team's member list. You must manage the team's repositories and permissions from within GitHub Enterprise.
- If an LDAP group mapping to a DN is removed, such as if the LDAP group is deleted, then every member is removed from the synced GitHub Enterprise team. To fix this, map the team to a new DN, add the team members back, and manually sync the mapping.
Ensure that LDAP Sync is enabled.
In the top right corner of any page, click your profile photo, then click Your profile.
On the left side of your profile page, under "Organizations", click the icon for your organization.
On the "Create new team" page, type the name for your new team.
Search for an LDAP group's DN to map the team to. If you don't know the DN, type the LDAP group's name. GitHub Enterprise will search for and autocomplete any matches.
Optionally, in the "Description" field, type a description of the team.
Select permission levels for the team.
Click Create team.