Hi Denis,
The answer depend on the application ( typically how it determines the user DN and what it checks and what type of authentication it uses)
The absolute minimum for simple authentication is to have an userpassword attribute.
so any entry with an objectclass allowing userpassword is fine.
(typically those having "simpleSecurityObject" objectclass or those derived from "person" objeclass)
That is enough for applications like ldasearch or ldapmodify that do not do any other check than trying to authenticate to the ldap server.
But some application have more strict requirement (typically looking for specific objectclass)
For example Unix/Linux authentication over LDAP requires entries with "posixAccount"
other applications looks for "person" or "inetorgperson" ...