diff --git a/content/admin/configuration/configuring-network-settings/configuring-built-in-firewall-rules.md b/content/admin/configuration/configuring-network-settings/configuring-built-in-firewall-rules.md index 4ec517a811..7d14640573 100644 --- a/content/admin/configuration/configuring-network-settings/configuring-built-in-firewall-rules.md +++ b/content/admin/configuration/configuring-network-settings/configuring-built-in-firewall-rules.md @@ -24,6 +24,8 @@ After you install {% data variables.product.prodname_ghe_server %}, all required The UFW firewall also opens several other ports that are required for {% data variables.product.prodname_ghe_server %} to operate properly. For more information on the UFW rule set, see [the UFW README](https://bazaar.launchpad.net/~jdstrand/ufw/0.30-oneiric/view/head:/README#L213). +We do not recommend customizing UFW as it can complicate some troubleshooting issues. + ## Viewing the default firewall rules {% data reusables.enterprise_installation.ssh-into-instance %} diff --git a/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/troubleshooting-identity-and-access-management-for-your-enterprise.md b/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/troubleshooting-identity-and-access-management-for-your-enterprise.md index c8591777fe..841c95ca62 100644 --- a/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/troubleshooting-identity-and-access-management-for-your-enterprise.md +++ b/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/troubleshooting-identity-and-access-management-for-your-enterprise.md @@ -32,6 +32,12 @@ If you're experiencing problems while switching between different authentication ## Accessing your enterprise when SSO is not available When a configuration error or an issue with your identity provider IdP prevents you from using SSO, you can use a recovery code to access your enterprise. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable)." + +## SCIM provisioning errors + +Azure AD will retry SCIM provisioning attempts automatically during the next Azure AD sync cycle. The default SCIM provisioning interval for Azure AD is 40 minutes. For more information about this retry behavior, see the [Microsoft documentation](https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/how-provisioning-works#errors-and-retries) or contact Azure support if you need additional assistance. + +Okta will retry failed SCIM provisioning attempts with manual Okta admin intervention. For more information about how an Okta admin can retry a failed task for a specific application, see the [Okta documentation](https://support.okta.com/help/s/article/How-to-retry-failed-tasks-for-a-specific-application?language=en_US) or contact Okta support if you need additional assistance. {% endif %} ## SAML authentication errors diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md index 78e85c0791..4147a80595 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md @@ -295,6 +295,7 @@ When the application is ready to receive audit logs again, click **Resume stream 1. A confirmation message is displayed. Click **Delete stream** to confirm. +{% ifversion ghec %} ## Enabling audit log streaming of API requests {% note %} @@ -308,3 +309,4 @@ When the application is ready to receive audit logs again, click **Resume stream {% data reusables.enterprise-accounts.audit-log-tab %} 1. Under "Audit log", click **Settings**. 2. Under "API Requests", select **Enable API Request Events**. +3. {% endif %} diff --git a/content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription.md b/content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription.md index 2bbab25299..b250ffad4b 100644 --- a/content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription.md +++ b/content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription.md @@ -15,6 +15,8 @@ shortTitle: Connect an Azure subscription {% data reusables.enterprise-accounts.billing-azure-subscription %} For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions)," "[AUTOTITLE](/billing/managing-billing-for-github-packages/about-billing-for-github-packages)," and "[AUTOTITLE](/billing/managing-billing-for-github-copilot)." +{% data reusables.enterprise.ghec-trial-azure %} + {% ifversion ghec %} {% note %} diff --git a/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-cloud.md b/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-cloud.md index ee733393c8..7d77c675ce 100644 --- a/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-cloud.md +++ b/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-cloud.md @@ -41,6 +41,8 @@ You do not need to provide a payment method during the trial. {% data variables.product.prodname_emus %} is not part of the free trial of {% data variables.product.prodname_ghe_cloud %}. If you're interested in {% data variables.product.prodname_emus %}, please contact [{% data variables.product.prodname_dotcom %}'s Sales team](https://enterprise.github.com/contact). +{% data reusables.enterprise.ghec-trial-azure %} + ## Features not included in the trial The following features are not included in the trial of {% data variables.product.prodname_ghe_cloud %}: diff --git a/data/reusables/audit_log/audit-log-api-info.md b/data/reusables/audit_log/audit-log-api-info.md index e1988240ea..edeab3edcb 100644 --- a/data/reusables/audit_log/audit-log-api-info.md +++ b/data/reusables/audit_log/audit-log-api-info.md @@ -3,4 +3,4 @@ * Added or removed users in an organization, repository, or team * Users being promoted to admin * Changes to permissions of a {% data variables.product.prodname_github_app %} -* API requests (must be enabled) +* {% ifversion ghec %}API requests (must be enabled){% endif %} diff --git a/data/reusables/enterprise/ghec-trial-azure.md b/data/reusables/enterprise/ghec-trial-azure.md new file mode 100644 index 0000000000..fc962396a9 --- /dev/null +++ b/data/reusables/enterprise/ghec-trial-azure.md @@ -0,0 +1 @@ +You cannot add an Azure subscription to an enterprise account that is part of a {% data variables.product.prodname_ghe_cloud %} free trial. \ No newline at end of file diff --git a/data/reusables/scim/emu-scim-rate-limit.md b/data/reusables/scim/emu-scim-rate-limit.md index e48255736b..d0f74b4d97 100644 --- a/data/reusables/scim/emu-scim-rate-limit.md +++ b/data/reusables/scim/emu-scim-rate-limit.md @@ -1,5 +1,5 @@ {% note %} -**Note:** To avoid exceeding the rate limit on {% data variables.product.product_name %}, do not assign more than 1,000 users per hour to the IdP application. If you use groups to assign users to the IdP application, do not add more than 1,000 users to each group per hour. If you exceed these thresholds, attempts to provision users may fail with a "rate limit" error. +**Note:** To avoid exceeding the rate limit on {% data variables.product.product_name %}, do not assign more than 1,000 users per hour to the IdP application. If you use groups to assign users to the IdP application, do not add more than 1,000 users to each group per hour. If you exceed these thresholds, attempts to provision users may fail with a "rate limit" error. You can review your IdP logs to confirm if attempted SCIM provisioning or push operations failed due to a rate limit error. The response to a failed provisioning attempt will depend on the IdP. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/troubleshooting-identity-and-access-management-for-your-enterprise#scim-provisioning-errors)." {% endnote %}