LDAP Authentication pfSense
System -> User Manager -> Authentication Servers -> Add
Descriptive name: <your ldap name>
Hostname or IP address: <your ldap ip>
Transport: TCP ("TCP - Standard" sends the bind password and every user's password over the wire unencrypted; outside a lab, use "TCP - STARTTLS" or "SSL - Encrypted" and select the CA that signed the LDAP server certificate under Peer Certificate Authority)
Peer Certificate Authority: Do not change/use (only consulted for STARTTLS or SSL/TLS transports)
Protocol version: 3
Server Timeout: 25
Search Scope: Entire Tree
Base DN: dc=example,dc=com
Authentication containers: ou=Users,dc=example,dc=com
Extended query: unchecked/No
Bind anonymous: unchecked/No
Bind credentials: cn=admin,dc=example,dc=com - <ldap password> (this password is stored in the pfSense configuration, so a dedicated read-only bind account is preferable to the directory admin)
Initial Template: OpenLDAP
User naming attribute: cn
Group naming attribute: cn
Group member attribute: memberOf (with RFC 2307 Groups unchecked, pfSense reads this attribute from the user's own entry, so the OpenLDAP server must have the memberOf overlay enabled; without it, check RFC 2307 Groups and use member, which is the attribute groupOfNames entries carry)
RFC 2307 Groups: unchecked/No
Group Object Class: groupOfNames
UTF8 Encode: checked/Yes
Username Alterations: unchecked/No
System -> User Manager -> Groups -> Add
Group name: <your group name from ldap> (must match the group's cn in LDAP exactly)
Scope: Remote
Description: Administrators from LDAP
Group membership: Do not change (membership is taken from LDAP, not from this list)
Edit the group you just created, Assigned Privileges -> Add
Assigning "WebCfg - All pages" alone already makes this group a full admin; assign the individual "User - *" privileges according to your needs. A sensible approach is to create a superadmin group first and then further groups with fewer privileges.
System -> User Manager -> Settings
Change Authentication Server to <your ldap name>
Click Save & Test and make sure every step passes with a green check
For further troubleshooting, go to Diagnostics -> Authentication, where you can test a username and password against the server and see which groups it returns for that user
VPN -> OpenVPN -> Servers -> Add and create an OpenVPN server to your specifications
Then edit it and, under Backend for authentication, select <your ldap name>
Create a separate group with narrower privileges for OpenVPN users; they do not need admin rights. Note that group membership only controls privileges inside pfSense: any account the LDAP server can authenticate is accepted by OpenVPN. To limit the VPN to members of one group, create a second authentication server entry with Extended query enabled and a filter such as memberOf=cn=vpn-users,ou=Groups,dc=example,dc=com (an example DN, adjust to your directory), and select that entry as the OpenVPN backend.
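As an added illustration, not pfSense's own code and not part of the original page, the Python below models the user and group lookup that pfSense performs with the settings above against a constructed LDIF snippet. The user names alice and bob, the groups fw-admins and vpn-users, and the ou=Groups container are assumptions. It shows why the "Group member attribute" and "RFC 2307 Groups" settings have to agree with how the directory stores membership, that users are only found below the authentication container, and that only LDAP groups with an identically named Remote group in pfSense grant privileges. The real pfSense backend additionally binds with the user's password; only the lookup is modelled here.

```python
"""Offline model of pfSense's LDAP user/group lookup (added example, not
pfSense source).  The LDIF below is constructed: ou=Users holds people,
ou=Groups holds groupOfNames entries, and a memberOf overlay is assumed
to keep each user's memberOf values in sync with the groups' member values."""
from dataclasses import dataclass, replace

CONSTRUCTED_LDIF = """\
dn: cn=alice,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
cn: alice
sn: Liddell
memberOf: cn=fw-admins,ou=Groups,dc=example,dc=com
memberOf: cn=vpn-users,ou=Groups,dc=example,dc=com

dn: cn=bob,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
cn: bob
sn: Builder
memberOf: cn=vpn-users,ou=Groups,dc=example,dc=com

dn: cn=fw-admins,ou=Groups,dc=example,dc=com
objectClass: groupOfNames
cn: fw-admins
member: cn=alice,ou=Users,dc=example,dc=com

dn: cn=vpn-users,ou=Groups,dc=example,dc=com
objectClass: groupOfNames
cn: vpn-users
member: cn=alice,ou=Users,dc=example,dc=com
member: cn=bob,ou=Users,dc=example,dc=com
"""


def parse_ldif(text):
    """Minimal LDIF reader for the plain 'attr: value' form used above.
    Returns {dn: {attribute_lowercased: [values]}}."""
    entries, current = {}, None
    for line in text.splitlines():
        if not line.strip():
            current = None
            continue
        attr, _, value = line.partition(":")
        attr, value = attr.strip().lower(), value.strip()
        if attr == "dn":
            current = entries.setdefault(value, {})
        elif current is not None:
            current.setdefault(attr, []).append(value)
    return entries


def dn_under(dn, container):
    """True when dn lies anywhere below container ("Entire Tree" scope)."""
    return dn.lower().endswith("," + container.lower())


def first_rdn(dn):
    """Split 'cn=fw-admins,ou=Groups,...' into ('cn', 'fw-admins')."""
    attr, _, value = dn.split(",", 1)[0].partition("=")
    return attr.strip().lower(), value.strip()


@dataclass(frozen=True)
class LdapAuthConfig:
    base_dn: str
    auth_containers: tuple
    user_naming_attr: str = "cn"
    group_naming_attr: str = "cn"
    group_member_attr: str = "memberOf"
    rfc2307_groups: bool = False
    group_object_class: str = "groupOfNames"


# The settings from this page.
PAGE_CONFIG = LdapAuthConfig(base_dn="dc=example,dc=com",
                             auth_containers=("ou=Users,dc=example,dc=com",))
# Equivalent setup for a server without the memberOf overlay.
RFC2307_CONFIG = replace(PAGE_CONFIG, rfc2307_groups=True, group_member_attr="member")
# Common mistake: memberOf-style lookup but the attribute only exists on groups.
MISMATCHED_CONFIG = replace(PAGE_CONFIG, group_member_attr="member")


def find_user(entries, cfg, username):
    """Locate the user by naming attribute, but only below the auth containers."""
    for dn, attrs in entries.items():
        if not any(dn_under(dn, c) for c in cfg.auth_containers):
            continue
        if username in attrs.get(cfg.user_naming_attr.lower(), []):
            return dn
    return None


def user_groups(entries, cfg, username):
    """Group names pfSense would obtain for the user under cfg."""
    user_dn = find_user(entries, cfg, username)
    if user_dn is None:
        return set()
    attr, groups = cfg.group_member_attr.lower(), set()
    if not cfg.rfc2307_groups:
        # Membership DNs are read from the user's own entry (memberOf style).
        for group_dn in entries[user_dn].get(attr, []):
            rdn_attr, rdn_value = first_rdn(group_dn)
            if rdn_attr == cfg.group_naming_attr.lower():
                groups.add(rdn_value)
        return groups
    # RFC 2307 style: search group objects whose member attribute lists the user DN.
    for dn, attrs in entries.items():
        if not dn_under(dn, cfg.base_dn):
            continue
        classes = {c.lower() for c in attrs.get("objectclass", [])}
        if cfg.group_object_class.lower() in classes and user_dn in attrs.get(attr, []):
            groups.update(attrs.get(cfg.group_naming_attr.lower(), []))
    return groups


def effective_pfsense_groups(entries, cfg, username, remote_groups):
    """Only LDAP groups with an identically named Remote group in pfSense count."""
    return user_groups(entries, cfg, username) & set(remote_groups)


DIRECTORY = parse_ldif(CONSTRUCTED_LDIF)

if __name__ == "__main__":
    for name in ("alice", "bob"):
        for label, cfg in (("page", PAGE_CONFIG), ("rfc2307", RFC2307_CONFIG), ("mismatched", MISMATCHED_CONFIG)):
            print(name, label, sorted(user_groups(DIRECTORY, cfg, name)))
    print("alice admin:", effective_pfsense_groups(DIRECTORY, PAGE_CONFIG, "alice", ["fw-admins"]))
```

Running the script shows the page configuration and the RFC 2307 configuration returning the same groups on a consistent directory, the mismatched configuration returning nothing (the user entry has no member attribute), and a group that exists only in LDAP, without a Remote group of the same name in pfSense, granting no privileges.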