After upgrading from an old 6.x version to gitlab-ce-8.6.5-ce.0.el6.x86_64 using the package repo, ldap authentication no longer worked.
Our domain controllers do not support TLS 1.2, and that is what gitlab is now connecting with.
My workaround has been to use plain, which makes me uneasy.
Is there a way to disable tls1.2 when performing external ldap authentication, at least while I hound the team that manages the domain controllers to make tls 1.2 work?