Openldap as local registration entity


I am trying to set up a a docker architecture with a local openldap container which is not exposed to the public. For administration purposes I want to set up a phpldapadmin which links to the local openldap container and exposes a port to the public.
However this seems to be not as easy as I thought. I used the images from osixia/openldap and osixia/phpldapadmin . I set up the openldap which opens port 389 locally. I configured phpldapadmin to access the ldap host on localhost.
I receive the error message that ldap server could not be connected on phpldapadmin. If I expose the openldap port to the public and set the phpmyadmin ldap host configuration to the public IP it works. However it seems not smart to expose a directory server to the public if not absolutely necessary. Are there any best practices on how to do that?
The perfect scenario would be to link all containers which require access to ldap using the --link option, but I am not sure how to move on there even after reading the documentation several times. How would I connect e.g. phpldapadmin to a locally exposed openldap container, whereas the phpldapamin ist publicly exposed?

Thanks for any hint