diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-01 12:09:24 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-01 12:09:24 +0300 |
commit | 3b1df712c7a15c9b6abadd61e9c8894fdeb0442a (patch) | |
tree | 6b9ca4abcc0f2114b86f40a49c3715005d1791c1 /doc/user | |
parent | 8f535d9082bb0f10f2ef6b9133dbc77691ace4db (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user')
-rw-r--r-- | doc/user/admin_area/settings/sign_in_restrictions.md | 12 | ||||
-rw-r--r-- | doc/user/enterprise_user/index.md | 9 | ||||
-rw-r--r-- | doc/user/project/import/github.md | 1 |
3 files changed, 15 insertions, 7 deletions
diff --git a/doc/user/admin_area/settings/sign_in_restrictions.md b/doc/user/admin_area/settings/sign_in_restrictions.md index 951e0784c88..df719004062 100644 --- a/doc/user/admin_area/settings/sign_in_restrictions.md +++ b/doc/user/admin_area/settings/sign_in_restrictions.md @@ -32,13 +32,13 @@ In the event of an external authentication provider outage, use the [GitLab Rail > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2158) in GitLab 13.10. -If you are an administrator, you might want to work in GitLab without the access that -comes from being an administrator. While you could create a separate user account that -doesn't have administrator access, a more secure solution is to use *Admin Mode*. +If you're an administrator, you might want to work in GitLab without administrator access. +You could either create a separate user account that does not have +administrator access or use Admin Mode. -With Admin Mode, your account does not have administrative access by default. -You can continue to access groups and projects you are a member of, but to access -administrative functionality, you must authenticate. +With Admin Mode, your account does not have administrator access by default. +You can continue to access groups and projects you're a member of. However, for administrative tasks, +you must authenticate (except for [certain features](#limitations-of-admin-mode)). When Admin Mode is enabled, it applies to all administrators on the instance. diff --git a/doc/user/enterprise_user/index.md b/doc/user/enterprise_user/index.md index 7bb8705ace0..2d89d7e5997 100644 --- a/doc/user/enterprise_user/index.md +++ b/doc/user/enterprise_user/index.md @@ -25,7 +25,8 @@ A user account is considered an enterprise account when: A user can also [manually connect an identity provider (IdP) to a GitLab account whose email address matches the subscribing organization's domain](../group/saml_sso/index.md#link-saml-to-your-existing-gitlabcom-account). By selecting **Authorize** when connecting these two accounts, the user account with the matching email address is classified as an enterprise user. However, this -user account does not have an **Enterprise** badge in GitLab. +user account does not have an **Enterprise** badge in GitLab, and a group Owner cannot +disable the user's two-factor authentication. Although a user can be a member of more than one group, each user account can be provisioned by only one group. As a result, a user is considered an enterprise @@ -160,3 +161,9 @@ A top-level group Owner can [set up verified domains to bypass confirmation emai A top-level group Owner can use the [group and project members API](../../api/members.md) to access users' information, including email addresses. + +## Troubleshooting + +### Cannot disable two-factor authentication for an enterprise user + +If an enterprise user does not have an **Enterprise** badge, a top-level group Owner cannot [disable or reset 2FA](#disable-two-factor-authentication) for that user. Instead, the Owner should tell the enterprise user to consider available [recovery options](../profile/account/two_factor_authentication.md#recovery-options). diff --git a/doc/user/project/import/github.md b/doc/user/project/import/github.md index 118e7caf123..e7732c02fdf 100644 --- a/doc/user/project/import/github.md +++ b/doc/user/project/import/github.md @@ -30,6 +30,7 @@ When importing projects: - The importer also imports branches on forks of projects related to open pull requests. These branches are imported with a naming scheme similar to `GH-SHA-username/pull-request-number/fork-name/branch`. This may lead to a discrepancy in branches compared to those of the GitHub repository. +- The organization the repository belongs to must not impose restrictions of a [third-party application access policy](https://docs.github.com/en/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions) on the GitLab instance you import to. <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> For an overview of the import process, see [Migrating from GitHub to GitLab](https://youtu.be/VYOXuOg9tQI). |