Single sign-on for Nextcloud and email server

I’m trying to set up an on-prem instance of Nextcloud that will authenticate with an on-prem mail server. I’m hoping to allow password changes through Nextcloud so that the mail client is synchronously authorized as well. I’ve tried using iRedMail with OpenLDAP, but I cannot reach the LDAP server from another server for some reason. I did set up a separate OpenLDAP server and can authenticate with Nextcloud, but the schema is unique for iRedMail, so I haven’t figured out how to make both servers authenticate to the same source. I’d be open to even just spinning up my own Postfix/Dovecot server if that will authenticate with OpenLDAP.

So I am asking:

  1. Has anyone set up a Nextcloud/mail server solution that authenticates on the same service?

  2. If you do this, can you change the password via Nextcloud and have it update the authentication source so that the Nextcloud email client will stay connected with the new password as well?