I'm running Jenkins 2.21 and I got it running on LDAP with only the following details.
This is from the config.xml, which you can translate into the frontend.
<rootDN>dc=example,dc=com</rootDN>
<inhibitInferRootDN>false</inhibitInferRootDN>
<userSearchBase>cn=users,cn=accounts</userSearchBase>
<userSearch>uid={0}</userSearch>
<groupSearchBase>cn=groups,cn=accounts</groupSearchBase>
<groupSearchFilter>memberOf=cn=jenkins,cn=groups,cn=accounts,dc=example,dc=com</groupSearchFilter>
<groupMembershipStrategy class="jenkins.security.plugins.ldap.FromGroupSearchLDAPGroupMembershipStrategy">
<filter></filter>
</groupMembershipStrategy>
<managerDN>uid=jenkins,cn=sysaccounts,cn=etc,dc=example,dc=com</managerDN>
<managerPasswordSecret>TRLkkCtAA1X2hAyqXXXXXXXXXXXXXXXXXXXOsJz8Q3txUCTprcl/qTItIFNDrR5x7</managerPasswordSecret>
<disableMailAddressResolver>false</disableMailAddressResolver>
<displayNameAttributeName>displayname</displayNameAttributeName>
<mailAddressAttributeName>mail</mailAddressAttributeName>
<userIdStrategy class="jenkins.model.IdStrategy$CaseInsensitive"/>
<groupIdStrategy class="jenkins.model.IdStrategy$CaseInsensitive"/>
</securityRealm>