Match username to subject in CSR before signing

I setup auth ldap to authenticate users who and then sign certificates. Is there away to deny certificate signing unless the username match the cn=username before signing is allowed?

Make sure a user can not sign a csr with a different user’s name.