We're looking at the changes in 2.5 and have set up a test system to run schema upgrades, etc. We're confused about the LDAP changes removing LDAP groups from the UI. When we try to add access rules for a project based on group, it doesn't seem to accept any LDAP groups at all. We've tried the plain name and distinguished name, neither work.
[gerrit]
basePath = /var/lib/git-test
[database]
type = MYSQL
hostname = localhost
database = reviewdb_test
username = gerrit2
poolLimit = 32
poolMinIdle = 16
poolMaxIdle = 16
poolMaxWait = 6s
[auth]
type = HTTP_LDAP
httpHeader = REMOTE_USER
[sendemail]
smtpUser = root
[sshd]
listenAddress = *:29419
[cache]
directory = cache
[download]
scheme = ssh
[ldap]
username = CN=LDAP,OU=Service Accounts,DC=domain,DC=com
accountBase = DC=domain,DC=com
accountScope = sub
accountFullName = displayName
accountEmailAddress = mail
accountSshUserName = sAMAccountName
accountMemberField = memberOf
accountPattern = (&(objectClass=user)(sAMAccountName=${username}))
groupBase = DC=mmrd,DC=com
groupName = cn
groupScope = sub
localUsernameToLowerCase = true
This all works correctly w/ 2.4.2. What are we doing wrong?