LDAP user filter returns either all users in domain or none of the users

My LDAP appears to be able to authenticate correctly because when I turn off the user filter, I can use my A/D credentials to sign in to my GitLab-ee (Starter) environment. ‘sudo gitlab-rake gitlab:ldap:check’ returns all domain users

But when I set my user_filter it does not allow anyone to sign in. ‘sudo gitlab-rake gitlab:ldap:check’ returns no users.

My user_filter is:

base: ‘OU=MyUsers,DC=mydomain,DC=com’
user_filter: ‘(&(objectClass=user)(memberOf:1.2.840.113556.1.4.1941:=GitLab_Users,CN=GitLab_Groups,CN=MySecurityGroups,DC=mydomain,DC=com))’

I have also noticed that my Admin users are not being assigned admin privileges:

#EE only
group_base: ‘OU=GitLab_Groups,OU=MySecurityGroups,DC=mydomain,DC=com’
admin_group: ‘GitLab_Admins’

Results with filters:

me@gitlab:/etc/gitlab$ sudo gitlab-rake gitlab:ldap:check
Checking LDAP …

LDAP: … Server: ldapmain
LDAP authentication… Success
LDAP users with access to your GitLab server (only showing the first 100 results)

Checking LDAP … Finished