Allow LDAP users to be synced on login again
Related to gitlab-org/gitlab-ee!643
Previously, on user sign-in, group sync would run. This meant users didn't have to wait to see the groups/projects they were a member of. When we refactored group sync this was taken away. It was a necessity due to performance.
However, I think we can add something that will work for Active Directory or any LDAP server that maintains a memberOf attribute on the user. This would be much more performant than the previous sync. This would also work in concert with the current group sync.
Proposal
On user sign-in, if the customer is using Active Directory, or another system that has a memberOf attribute on the user objects in LDAP/AD, trigger a sync to update the groups/projects he's a member of.
Documentation Blurb
Add section to https://docs.gitlab.com/ee/administration/auth/ldap-ee.html.
Sync on login
For LDAP servers that support the memberOf function, GitLab will sync the user with LDAP. This way, any recent updates such as groups or project membership will be visible to the user at login, rather than having to wait for the periodic LDAP sync.
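
A sketch of the login-time check proposed above, added here as an example and not taken from GitLab's code: it compares the user's memberOf values with the configured LDAP group links and returns the memberships to grant, change and revoke. The function names, the `group_links` shape, the `member_of_supported` switch and the highest-access-wins rule are assumptions; the sample DNs are constructed.

```ruby
# Added illustration, not GitLab code. All names and sample data are constructed.
ACCESS = { guest: 10, reporter: 20, developer: 30, maintainer: 40 }.freeze

# DNs are compared case-insensitively, ignoring spaces around ',' and '='.
# Escaped commas (\,) inside a value are not treated as separators.
def normalize_dn(dn)
  dn.split(/(?<!\\),/).map { |rdn| rdn.strip.downcase.sub(/\s*=\s*/, '=') }.join(',')
end

# member_of:   values of the user's memberOf attribute (nil when absent)
# group_links: { ldap_group_dn => { group: 'gitlab-group', access: :developer } }
# current:     { 'gitlab-group' => :access } as granted by earlier LDAP syncs
# Returns nil when the server is not known to maintain memberOf, so the caller
# leaves membership to the periodic group sync instead of revoking everything.
def plan_login_sync(member_of, group_links, current, member_of_supported:)
  return nil unless member_of_supported

  user_dns = Array(member_of).map { |dn| normalize_dn(dn) }
  desired = {}
  group_links.each do |dn, link|
    next unless user_dns.include?(normalize_dn(dn))

    held = desired[link[:group]]
    # Assumption: when several LDAP groups map to one group, highest access wins.
    desired[link[:group]] = link[:access] if held.nil? || ACCESS[link[:access]] > ACCESS[held]
  end

  {
    add: desired.reject { |group, _| current.key?(group) },
    update: desired.select { |group, access| current.key?(group) && current[group] != access },
    remove: current.keys - desired.keys
  }
end

# Constructed group links for the example.
LINKS = {
  'CN=Platform,OU=Groups,DC=example,DC=com' => { group: 'platform', access: :developer },
  'CN=Platform Leads,OU=Groups,DC=example,DC=com' => { group: 'platform', access: :maintainer },
  'CN=Audit,OU=Groups,DC=example,DC=com' => { group: 'audit', access: :reporter }
}.freeze
```

Active Directory's memberOf lists direct memberships only and omits the user's primary group, so a plan built this way covers less than a full group sync and the periodic sync is still needed.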