diff --git a/assets/images/help/enterprises/activity-dashboard.png b/assets/images/help/enterprises/activity-dashboard.png new file mode 100644 index 000000000000..5e31e4a15b00 Binary files /dev/null and b/assets/images/help/enterprises/activity-dashboard.png differ diff --git a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-search-indices-for-your-instance.md b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-search-indices-for-your-instance.md index b4eebeb869c9..6d06965db872 100644 --- a/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-search-indices-for-your-instance.md +++ b/content/admin/administering-your-instance/administering-your-instance-from-the-web-ui/managing-search-indices-for-your-instance.md @@ -41,6 +41,23 @@ In normal use, enterprise owners do not need to create new indices or schedule r 1. If you want the index to be searchable, select the **Make this index searchable** checkbox. 1. If you want the index to be writable, select the **Make this index writable** checkbox. 1. Click **Create index**. +1. If your instance uses a high availability or cluster configuration, you will need to run a script to ensure the number of search indices is correctly configured across the instance. + + Access the administrative shell for your primary appliance via SSH, then run one of the following commands. + + For high availability configurations: + + ```shell copy + /usr/local/share/enterprise/ghe-es-auto-expand -v 0-all + ``` + + For cluster configurations: + + ```shell copy + /usr/local/share/enterprise/ghe-es-auto-expand -v 0-1 + ``` + + See "[AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/accessing-the-administrative-shell-ssh)." ## Managing search indices @@ -69,7 +86,7 @@ Your instance uses repair jobs to reconcile the data, and schedules a repair job * A new search index is created. * Missing data needs to be backfilled. * Old search data needs to be updated. - + In the "Repair" section of the search index, a progress bar shows the current status of a repair job across background workers. You can ignore the value shown in the progress bar after a repair job has completed. The progress bar shows the difference between the repair offset and the highest record ID in the database, and will decrease as more repositories are added to {% data variables.location.product_location %} even though those repositories are actually indexed. To minimize the effects on I/O performance and reduce the chances of operations timing out, run the repair job during off-peak hours. As the job reconciles the search index with database and Git repository data, one CPU will be used. Monitor your system's load averages and CPU usage with a utility like `top`. If you don't notice any significant increase in resource consumption, it should also be safe to run an index repair job during peak hours. diff --git a/content/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy.md b/content/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy.md index 512b4b80d634..9942b005a395 100644 --- a/content/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy.md +++ b/content/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/about-support-for-your-idps-conditional-access-policy.md @@ -20,7 +20,10 @@ redirect_from: {% data reusables.enterprise-accounts.emu-cap-validates %} -{% data variables.product.product_name %} supports CAP for any {% data variables.enterprise.prodname_emu_enterprise %} where OIDC SSO is enabled. {% data variables.product.product_name %} enforces your IdP's IP conditions but cannot enforce your device compliance conditions. Enterprise owners can choose to use this IP allow list configuration instead of {% data variables.product.product_name %}'s IP allow list, and can do so once OIDC SSO is configured. For more information about IP allow lists, see "[AUTOTITLE](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list)" and "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization)." +{% data variables.product.product_name %} supports CAP for any {% data variables.enterprise.prodname_emu_enterprise %} where OIDC SSO is enabled. Enterprise owners can choose to use this IP allow list configuration instead of {% data variables.product.product_name %}'s IP allow list, and can do so once OIDC SSO is configured. For more information about IP allow lists, see "[AUTOTITLE](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list#about-your-idps-allow-list)" and "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization)." + +* {% data variables.product.product_name %} enforces your IdP's IP conditions but cannot enforce your device compliance conditions. +* Policies for multi-factor authentication are only enforced at the point of sign-in to the IdP. For more information about using OIDC with {% data variables.product.prodname_emus %}, see "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users)" and "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-from-saml-to-oidc)." diff --git a/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md b/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md index daa4b8046ca3..f21072944437 100644 --- a/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md +++ b/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md @@ -89,7 +89,10 @@ For more detailed information about how to enable SAML using Okta, see "[AUTOTIT 1. Under "SAML single sign-on", select **Require SAML authentication**. 1. In the **Sign on URL** field, type the HTTPS endpoint of your IdP for single sign-on requests. This value is available in your IdP configuration. 1. Optionally, in the **Issuer** field, type your SAML issuer URL to verify the authenticity of sent messages. -1. Under **Public Certificate**, paste a certificate to verify SAML responses. +1. Under **Public Certificate**, paste a certificate to verify SAML responses. This is the public key corresponding to the private key used to sign SAML responses. + + To find the certificate, refer to the documentation for your IdP. Some IdPs call this an X.509 certificate. + {% data reusables.saml.edit-signature-and-digest-methods %} 1. Before enabling SAML SSO for your enterprise, to ensure that the information you've entered is correct, click **Test SAML configuration** . {% data reusables.saml.test-must-succeed %} 1. Click **Save**. diff --git a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-dormant-users.md b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-dormant-users.md index c6b01def2916..ac2ef4ef713c 100644 --- a/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-dormant-users.md +++ b/content/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/managing-dormant-users.md @@ -23,6 +23,8 @@ topics: {% data reusables.enterprise-accounts.dormant-user-activity %} +> [!NOTE] You cannot mark a dormant user as active. To become active, a user must perform one of the activities listed above. + {% ifversion ghec %} When assessing user dormancy, we only consider organizations, repositories, or sign-on events that are associated with the enterprise. For example, a user who has recently commented on an issue in a public repository outside of the enterprise may be considered dormant, while a user who has commented on an issue in a public repository within the enterprise will not be considered dormant. {% endif %} diff --git a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md index 0a7f6a59c695..0dc7056a5b13 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md +++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics.md @@ -24,7 +24,7 @@ To learn more about {% data variables.product.prodname_github_connect %}, see "[ {% data reusables.enterprise-accounts.access-enterprise %} -1. In the enterprise account sidebar, click **GitHub Connect**. +1. On the left side of the page, in the enterprise account sidebar, click **GitHub Connect**. {% data reusables.server-statistics.csv-download %} diff --git a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md index 3790808301bf..f2d945cb1d50 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md +++ b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md @@ -13,7 +13,9 @@ versions: topics: - Enterprise --- + The Activity dashboard provides weekly, monthly, and yearly graphs of the number of: + * New pull requests * Merged pull requests * New issues @@ -26,6 +28,16 @@ The Activity dashboard provides weekly, monthly, and yearly graphs of the number ## Accessing the Activity dashboard +{% ifversion global-nav-update %} +1. In the top-left corner of any page, select {% octicon "three-bars" aria-label="Open global navigation menu" %}, then click {% octicon "telescope" aria-hidden="true" %} **Explore**. + + ![Screenshot of the navigation bar on {% data variables.product.product_name %}. The "Open global navigation menu" icon is outlined in dark orange.](/assets/images/help/navigation/global-navigation-menu-icon.png) +{% else %} 1. At the top of any page, click **Explore**. -![Screenshot of the navigation bar at the top of the web UI for GitHub Enterprise Server. The word "Explore" is highlighted with an orange outline.](/assets/images/enterprise/settings/ent-new-explore.png) + + ![Screenshot of the navigation bar at the top of the web UI for GitHub Enterprise Server. The word "Explore" is highlighted with an orange outline.](/assets/images/enterprise/settings/ent-new-explore.png) +{% endif %} 1. In the upper-right corner of the page, click {% octicon "pulse" aria-hidden="true" %} **Activity**. +1. To view activity over different periods, click **This week**, **This month**, or **This year**. + + ![Screenshot of the activity dashboard. A line graph compares the number of pull requests merged over this week and the previous week.](/assets/images/help/enterprises/activity-dashboard.png) diff --git a/data/reusables/billing/enterprise-billing-menu.md b/data/reusables/billing/enterprise-billing-menu.md index 7169fc9fa68f..c28a0dc61a35 100644 --- a/data/reusables/billing/enterprise-billing-menu.md +++ b/data/reusables/billing/enterprise-billing-menu.md @@ -1 +1 @@ -1. In the enterprise account sidebar, click {% octicon "credit-card" aria-hidden="true" %} **Billing & Licensing**. +1. On the left side of the page, in the enterprise account sidebar, click {% octicon "credit-card" aria-hidden="true" %} **Billing & Licensing**. diff --git a/data/reusables/code-scanning/click-code-security-enterprise.md b/data/reusables/code-scanning/click-code-security-enterprise.md index bd94918e0a06..58eb176233c7 100644 --- a/data/reusables/code-scanning/click-code-security-enterprise.md +++ b/data/reusables/code-scanning/click-code-security-enterprise.md @@ -1 +1 @@ -1. In the left sidebar, click **{% octicon "shield" aria-hidden="true" %} Code Security**. +1. On the left side of the page, in the enterprise account sidebar, click **{% octicon "shield" aria-hidden="true" %} Code Security**. diff --git a/data/reusables/enterprise-accounts/dormant-user-activity.md b/data/reusables/enterprise-accounts/dormant-user-activity.md index 05fb420183fc..585134a42ca6 100644 --- a/data/reusables/enterprise-accounts/dormant-user-activity.md +++ b/data/reusables/enterprise-accounts/dormant-user-activity.md @@ -2,8 +2,8 @@ A user is considered active if the user has performed any of the following activ * {% ifversion ghec%}Authenticating to access your enterprise's resources via SAML SSO{% else %}Signing into {% data variables.location.product_location %} {% endif %} * Creating a repository -* Pushing to a repository via HTTPS -{% ifversion ghes %}- Pushing to a repository via SSH{% endif %} +* Pushing to a repository via HTTPS{% ifversion ghes %} +* Pushing to a repository via SSH{% endif %} * Being added to a repository * Changing the visibility of a repository * Creating an issue or pull request diff --git a/data/reusables/enterprise-accounts/enterprise-accounts-compliance-tab.md b/data/reusables/enterprise-accounts/enterprise-accounts-compliance-tab.md index 2bd1da8a734b..f00be2214dcf 100644 --- a/data/reusables/enterprise-accounts/enterprise-accounts-compliance-tab.md +++ b/data/reusables/enterprise-accounts/enterprise-accounts-compliance-tab.md @@ -1 +1 @@ -1. In the enterprise account sidebar, click {% octicon "checklist" aria-hidden="true" %} **Compliance**. +1. On the left side of the page, in the enterprise account sidebar, click {% octicon "checklist" aria-hidden="true" %} **Compliance**. diff --git a/data/reusables/enterprise-accounts/people-tab.md b/data/reusables/enterprise-accounts/people-tab.md index d6821f0e1cad..3ec2dc0b4482 100644 --- a/data/reusables/enterprise-accounts/people-tab.md +++ b/data/reusables/enterprise-accounts/people-tab.md @@ -1 +1 @@ -1. In the enterprise account sidebar, click {% octicon "person" aria-hidden="true" %} **People**. +1. On the left side of the page, in the enterprise account sidebar, click {% octicon "person" aria-hidden="true" %} **People**. diff --git a/data/reusables/enterprise-accounts/policies-tab.md b/data/reusables/enterprise-accounts/policies-tab.md index 405962dee8d6..6f84d00ce27a 100644 --- a/data/reusables/enterprise-accounts/policies-tab.md +++ b/data/reusables/enterprise-accounts/policies-tab.md @@ -1 +1 @@ -1. In the enterprise account sidebar, click {% octicon "law" aria-hidden="true" %} **Policies**. +1. On the left side of the page, in the enterprise account sidebar, click {% octicon "law" aria-hidden="true" %} **Policies**. diff --git a/data/reusables/enterprise-accounts/settings-tab.md b/data/reusables/enterprise-accounts/settings-tab.md index f2e8bb807ee5..b53042f25f5d 100644 --- a/data/reusables/enterprise-accounts/settings-tab.md +++ b/data/reusables/enterprise-accounts/settings-tab.md @@ -1 +1 @@ -1. In the enterprise account sidebar, click {% octicon "gear" aria-hidden="true" %} **Settings**. +1. On the left side of the page, in the enterprise account sidebar, click {% octicon "gear" aria-hidden="true" %} **Settings**.