Moderate users
If you are assigned the Owner role for a group, you can approve, ban, or automatically remove dormant members.
Ban and unban users
-
Introduced in GitLab 15.8 with a flag named
limit_unique_project_downloads_per_namespace_user
. Disabled by default.
A group Owner can moderate user access by banning and unbanning users. You should ban a user when you want to block them from the group.
A banned user:
- Cannot access the group or any of repositories.
- Cannot use slash commands.
- Does not occupy a seat.
Ban a user
For a demo on banning a user at the group level, see Namespace level ban - Banning a user.
Prerequisites:
- In the top-level group, you must have the Owner role.
- In the top-level group, if the user you want to ban has the Owner role, you must demote the user.
To manually ban a user:
- Go to the top-level group.
- On the left sidebar, select Manage > Members.
- Next to the member you want to ban, select the vertical ellipsis ().
- From the dropdown list, select Ban member.
Unban a user
To unban a user with the GraphQL API, see Mutation.namespaceBanDestroy
.
For a demo on unbanning a user at the group level, see Namespace level ban - Unbanning a user.
Prerequisites:
- In the top-level group, you must have the Owner role.
To unban a user:
- Go to the top-level group.
- On the left sidebar, select Manage > Members.
- Select the Banned tab.
- For the account you want to unban, select Unban.
Automatically remove dormant members
Introduced in GitLab 17.1 with a flag named group_remove_dormant_members
. Disabled by default.
Prerequisites:
- You must have the Owner role for the group.
You can enable automatic removal of group members who either:
- Were added to the group more than a week ago and have no activity in the group.
- Have no activity in the group for a specified period of time. The default and minimum is 90 days. Activities involve:
- Git HTTP/SSH activities, such as
clone
andpush
. - Visiting pages related to dashboards, projects, issues, merge requests, settings, and so on.
- Using the API in the scope of the group.
- Using the GraphQL API in the scope of the group.
- Git HTTP/SSH activities, such as
- On the left sidebar, select Search or go to and find your group.
- On the left sidebar, select Settings > General.
- Expand Permissions and group features.
- Scroll to Dormant members.
- Select the Remove dormant members after a period of inactivity checkbox.
- In the Days of inactivity before removal field, enter the number of days before removal. The minimum is 90 days, the maximum is 1827 days (5 years).
- Select Save changes.
After the member has reached the days of inactivity and is removed from the group:
- They still have access to GitLab.com.
- They do not have access to the group.
- Contributions made to the group are still assigned to the removed member.