It´s not very easy to understand with the ce edition.

 

Here is my working config with gitlab ce 10

Before you edit your gitlab.rb please make a backup

 cp /etc/gitlab/gitlab.rb /etc/gitlab/gitlab.rb_org

 

Please remember your are editing a yaml file, yaml files are sensitiv for spaces etc

gitlab_rails[‘ldap_enabled’] = true

gitlab_rails[‘ldap_servers’] = YAML.load <<-EOS # remember to close this block with ‘EOS’ below
main:
label: ‘ActiveDirectory’
host: ‘dc01.example.com’
port: 389 #Change to 636 if using LDAPS
method: ‘plain’ # Change to “tls” if using LDAPS
uid: ‘sAMAccountName’ # Don’t change this
bind_dn: ‘CN=gitlab,OU=users,DC=example,DC=com’
password: ‘mypassowrd’
timeout: 10
active_directory: true
allow_username_or_email_login: false
block_auto_created_users: false
base: ‘DC=example,DC=com’
# Optional: the next line specifies that only members of the user group “gitlab-users” can authenticate to Gitlab:
user_filter: ‘(memberOf=CN=grpGitlab,OU=Application,OU=Servers,DC=example,DC=com)’
EOS

 

 

Attention i have tried a lots of user_filter examples there variants are working for me.

Check your LDAP Access and Group Members

gitlab-rake gitlab:ldap:check

Most found there

https://www.caseylabs.com/setup-gitlab-ce-with-active-directory-authentication/