Benchmark: migrate OpenLDAP to vegardit (2.6), hash with {SSHA}

Switch the OpenLDAP side from osixia/openldap (OpenLDAP 2.4.57, unmaintained) to
vegardit/docker-openldap (OpenLDAP 2.6.10).

- Adapt the setup to vegardit's interface: `LDAP_INIT_ORG_DN`,
  `LDAP_INIT_ROOT_USER_DN` (override to `cn=admin,<base>`), `LDAP_INIT_ROOT_USER_PW`,
  disable TLS/LDAPS, and neutralize the image's built-in ppolicy friction
  (lockout, pqChecker, min length) for the benchmark.
- vegardit ships no SHA-2 module, so use `{SSHA}` (Salted SHA-1) instead of
  `{SSHA256}`: it is OpenLDAP core and a built-in OpenDJ scheme, so both servers
  still hash identically. Set `olcPasswordHash {SSHA}` and enable hash-cleartext on
  vegardit's already-loaded ppolicy overlay (no module load or restart needed);
  set OpenDJ's default storage scheme to Salted SHA-1. cn=config edits go via
  EXTERNAL over ldapi as root.
- `mail` is still equality-indexed by default on vegardit (`uid,mail`), so the
  indexed SEARCH-on-mail comparison remains fair.