Restrict ldap return attributes
What does this MR do?
Fixes the CE part of #13821 (closed). We really only ever need uid, dn, cn, and mail attributes, and in some cases, even less. This merge request strips the request down to those four attributes by default, and allows the caller to specify others, if needed.
Are there points in the code the reviewer needs to double check?
Why was this MR needed?
This will improve performance especially in cases where the connection is slow between GitLab and LDAP, or when the LDAP object has lots of attributes we don't care about.