Give access only to LDAP group members

I’ve set up a new GitLab system with user authentication against OpenLDAP. Now all users in the LDAP have access to GitLab but it should be allowed only to members of a special group. How must the user_filter be defined? I’ve tried several examples but always the account then get no access.

uid: 'uid'
method: 'plain' # "tls" or "ssl" or "plain"
bind_dn: ''
password: ''
active_directory: false
allow_username_or_email_login: false
block_auto_created_users: false
base: 'ou=users,dc=MYDOMAIN,dc=LOC'
user_filter: ''

-> doesn’t work: user_filter: ‘(memberUid=cn=git,ou=groups,dc=MYDOMAIN,dc=LOC)’

thanks for your replies