In our company it is mandatory to change the passwords regularly. The last batch of password changes caused an overload on the LDAP-Server (Kerberos). It took a long time to figure out the cause:
Due to the remember me and the corresponding cookie a user grants access to the Jenkins automatically although his password changed. In the background the Jenkins starts to poll the LDAP-Server. Like that a single user causes an overload to the LDAP Server. The IT then simply isolates the Jenkins - making it unavailable. As soon as the user logs out and in again the LDAP requests quite down.
An image of the stacktrace is attached that I assume to show the corresponding code area.
Workaround: We sent a mail to all our Jenkins-Users to logout an all running instances immediately. This is unreliable as some fail to follow this instructions causing the service to be offline frequently. A clear password cache does not seem to be possible as administrator.