Smartcard authentication against LDAP should support Active Directory

As found in #327491 (closed), Smartcard authentication against LDAP doesn't support Active Directory because AD doesn't support the certificateExactMatch matching rule.

There isn't another matching rule that can be used instead, but there are other strategies that can be considered to support Active Directory. This support would be valuable to our customers, especially those within airgapped networks.