No, it does not disable mutual cert verification. Checks to make sure that the certificate is issued by a trusted root CA are still done. All you are disabling is checking a 3rd location to see if the CN on the certificate exists there. So if you wanted to make sure that the CN of the certificate exists in LDAP or AD or somewhere else, then you would want the compare CN to be enabled.
The only other check you would want from a security perspective would be CRL or OCSP. You want to make sure that the certificate has not been revoked.