In two AD-domains configuration (adom.organization.com, ddom.organization.com, binding as different users) when exist same user in both domains with different passwords, logon to Jenkins as user of ddom domain:
DDOM\user, ddom\user or email@example.com
initiate in log
and after some logons, adom\user account from another domain ADOM being locked due to multiple bad password attempts.
I think it happens because authentication go though all list of configured domains(tcpdump show connects to all domains).
It is possible to initiate authentification of ddom\user only in home domain ddom.organization.com?