WIP: Make ldap_person more flexible

Zendesk issue: https://gitlab.zendesk.com/agent/tickets/22546

What does this MR do?

Some OmniAuth providers, such as SAML, are very flexible and let administrators choose what to send as the UID. In one customer's case, the server is sending LDAP DNs from SAML. Now we have support to link LDAP users by either UID or DN.

Are there points in the code the reviewer needs to double check?

Not that I know of.

Why was this MR needed?

Customer's SAML idP sends DNs instead of UIDs so SAML auto linking wasn't working. After this change, it should work.