## What changes were proposed in this pull request? We found out that even if there was a DNS name mismatch in the LDAP server's certificate in `X509v3 Subject Alternative Name` section which we used when connecting via SSL the connection should be open. However using OpenJDK this has been failed (not with Oracle JDK) and LDAP synch was not allowed. Browsing the [source code of OpenJDK](https://github.com/ojdkbuild/lookaside_java-1.8.0-openjdk/blob/master/jdk/src/share/classes/com/sun/jndi/ldap/Connection.java#L386) I found that we may disable endpoint identification by setting the `com.sun.jndi.ldap.object.disableEndpointIdentification` Java system property to `true`. This should not be the case by default but we should allow this for customers having this issue -> these customer can submit this flag when configuring LDAP with `ambari-server setup-ldap`.
## How was this patch tested? In addition to unit testing I've tested LDAP synch with several LDAP settings using both Oracle JDK and OpenJDK. [ Full content available at: https://github.com/apache/ambari/pull/2165 ] This message was relayed via gitbox.apache.org for [email protected]
