releasing: Use the read-only LDAP replicas
James and I already applied this change during the hackathon, but that (and my admin access) was apparently reverted by the casc mechanism here. Jenkins does not write to LDAP (or even use an account that could do that) so it should be using the read-only LDAP replicas.