Here's a sample config (sanitized) that I need to adapt to ovirt; *I HAVE NO control over the LDAP server.
So far I've managed to figure out through search after search to use LDAPS (TLS isn't an option, thanks!)
Two parts I can't figure out; setting rootDN and setting the organization filter-- members of that particular organization should have access to ovirt, and none others.
#
# Search user and its password.
#
vars.user = uid=newproductslab,cn=users,cn=accounts,dc=corp,dc=ft,dc=com
vars.urootdn = cn=users,cn=accounts,dc=corp,dc=ft,dc=com
vars.password = Ft######
pool.default.serverset.single.server = ${global:vars.server}
pool.default.serverset.single.port = 636
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.rootDN = ${global:vars.urootdn}
pool.default.auth.simple.password = ${global:vars.password}
# enable SSL
pool.default.ssl.enable = true
#pool.default.ssl.insecure = false
# Create keystore, import certificate chain and uncomment
# if using ssl/tls.
#pool.default.ssl.startTLS = true
pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.server}.jks
pool.default.ssl.truststore.password = changeit
example config from testlink
$tlCfg->authentication['method'] = 'LDAP';
/** LDAP authentication credentials */
$tlCfg->authentication['ldap_server'] = 'ldaps://directory.ft.com';
$tlCfg->authentication['ldap_port'] = '636';
$tlCfg->authentication['ldap_version'] = '3';
$tlCfg->authentication['ldap_root_dn'] = 'cn=users,cn=accounts,dc=corp,dc=ft,dc=com';
$tlCfg->authentication['ldap_bind_dn'] = 'uid=newproductslab,cn=users,cn=accounts,dc=corp,dc=ft,dc=com';
$tlCfg->authentication['ldap_bind_passwd'] = 'Ft######';
$tlCfg->authentication['ldap_tls'] = false; // true -> use tls
$tlCfg->authentication['ldap_organization'] = '(nsRoleDN=cn=newproductslab,cn=accounts,dc=corp,dc=ft,dc=com)'; // e.g. '(organizationname=*Traffic)'
$tlCfg->authentication['ldap_uid_field'] = 'uid'; // Use 'sAMAccountName' for Active Directory