Epic
Resolution: Done
Major
RH-SSO-7.4.8
In a scenario where multiple User Storage providers are configured, with 2 LDAP providers configured against a Kerberos realm (assuming both use the same keytab file), Keycloak should ideally look up the user being authenticated in each provider, following priority order, until it finds the user.
For example, with two providers, LDAP A and LDAP B, if the user cannot be found in LDAP A, Keycloak would look the user up in LDAP B.
Today, if the user cannot be found in the first provider, the authentication flow stops and returns an authentication error to the client.