We'll be adding a user to our FreeIPA system specifically for the LDAP connection.   In the FreeIPA interface, under users, add a new user - I called my user "nextcloudsysuser".  I assigned them to "admin" and "ipausers" groups. If you prefer, you can create a "nextcloudusers" group, and then add