RFR 8239385: KerberosTicket client name refers wrongly to sAMAccountName in AD

[Weijun Wang]

The change looks good to me.

> On Mar 29, 2020, at 8:12 AM, Martin Balao <mbalao at redhat.com> wrote:
> 
> * http://cr.openjdk.java.net/~mbalao/webrevs/8239385/8239385.webrev.00/
> ...

>  * Note: from a client side, sending an NT-ENTERPRISE cname means that
> the cname can change in the response. Windows AD 2016, however, does not
> change it unless 'canonicalize' flag is explicitly set in the request.

Sounds quite reasonable to me. This means "You might find info associated with my other names, but please always call me by my original name".

Thanks,
Max