@kajetan321 So I literally got this to work this afternoon after lots of fiddling around (and trying several different "working" configs).
I ended up doing:
url: ldap://10.10.x.x:389/
check cert = OFF
Use StartTLS = OFF
base = DC=company,DC=com
Credentials:
dn = adqueryaccount@company.com
password = ....
user filter = (userPrincipalName={{name}})
ID Attribute = dn
The part that tripped me up forever was the Credential DN. I was putting in all sorts of values, not realizing the simple UPN would work. Also, the user used to query AD needs to have the same UPN suffix as your regular users. My account was defaulted to an internal .lan domain. It kept failing. As soon as I changed its UPN to match my corporate.com domain, everything started working.
You can test this by simply using YOUR domain admin username/password in the dn and password sections. This eliminates the username as the source of the problems.
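
An added example, not part of the original post or of the application it configures: a small pre-flight check for the two things these settings depend on, the `{{name}}` substitution in the user filter and the UPN suffix of the query account. How the application itself substitutes and escapes `{{name}}` is not stated in the post; the function names and sample logins here are assumptions made for illustration.

```python
# RFC 4515 section 3: these characters must be written as \XX inside a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a string for use as an assertion value in an LDAP search filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def render_user_filter(template: str, name: str) -> str:
    """Substitute the login name into a filter template such as the post's."""
    if "{{name}}" not in template:
        raise ValueError("filter template has no {{name}} placeholder")
    return template.replace("{{name}}", escape_filter_value(name))


def upn_suffix(upn: str) -> str:
    """Return the lowercased part after the last '@' of a userPrincipalName."""
    local, sep, suffix = upn.rpartition("@")
    if not sep or not local or not suffix:
        raise ValueError(f"not a UPN: {upn!r}")
    return suffix.lower()


def preflight(bind_upn: str, template: str, login: str) -> dict:
    """Return the rendered filter and whether bind and login UPN suffixes agree."""
    return {
        "filter": render_user_filter(template, login),
        "suffix_match": upn_suffix(bind_upn) == upn_suffix(login),
    }


if __name__ == "__main__":
    # Constructed sample values; only the template and first bind UPN come from the post.
    template = "(userPrincipalName={{name}})"
    for bind, login in [
        ("adqueryaccount@company.com", "alice@company.com"),      # suffixes agree
        ("adqueryaccount@company.lan", "alice@company.com"),      # the mismatch described
        ("adqueryaccount@company.com", "*)(objectClass=*)@company.com"),  # metacharacters
    ]:
        print(preflight(bind, template, login))
```
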