Due to Windows SSO, SiteMinder auto-authenticates the user based on the login ID which SiteMinder receives in the request.
So when the request reaches the application web server, the Web Agent intercepts the request and processes the user request using the NTID.
Since it is Windows SSO, SM doesn't challenge the user with a login page; instead, it will search for the user ID across all the ADs. Thus, the user will be authenticated against the AD where the user is found first.
In a situation where the same "TEST1" user exists in two domains (Active Directory), SM will stop the search at AD1, because the "TEST1" user is found in AD1. The same "TEST1" user also exists in AD3, but SM doesn't check against AD3.
Thus, the "TEST1" user will see the user information of the other user from AD1, which is not correct.
Please share your ideas.
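
The lookup order described in the post, modeled as an added example (not part of the original post and not SiteMinder code): it shows the first-match result for "TEST1", a domain-scoped lookup for comparison, and an audit that lists login IDs present in more than one directory. The directory contents, the AD2 entry and the `qualified_match` helper are assumptions; the helper presumes the Windows domain name is available and maps one-to-one to a directory.

```python
# Constructed sample data. AD1/AD3 and TEST1 follow the post; AD2, the other
# users and every DN are invented. List order is the assumed search order.
DIRECTORIES = [
    ("AD1", {"TEST1": "CN=Test One,OU=Staff,DC=ad1,DC=example",
             "ALICE": "CN=Alice,OU=Staff,DC=ad1,DC=example"}),
    ("AD2", {"BOB": "CN=Bob,OU=Staff,DC=ad2,DC=example"}),
    ("AD3", {"TEST1": "CN=Test Other,OU=Staff,DC=ad3,DC=example"}),
]


def first_match(login_id, directories=DIRECTORIES):
    """Behaviour described in the post: stop at the first directory holding the ID."""
    key = login_id.upper()  # AD login names compare case-insensitively
    for name, users in directories:
        if key in users:
            return name, users[key]
    return None


def qualified_match(domain, login_id, directories=DIRECTORIES):
    """Hypothetical alternative: look only in the directory for the user's own
    domain (assumes domain names map one-to-one to directory names)."""
    key = login_id.upper()
    for name, users in directories:
        if name == domain.upper():
            dn = users.get(key)
            return (name, dn) if dn else None
    return None


def find_collisions(directories=DIRECTORIES):
    """Audit: login IDs present in more than one directory, with where they occur."""
    seen = {}
    for name, users in directories:
        for key in users:
            seen.setdefault(key, []).append(name)
    return {k: v for k, v in seen.items() if len(v) > 1}


if __name__ == "__main__":
    print("first match    :", first_match("test1"))
    print("domain-scoped  :", qualified_match("AD3", "test1"))
    print("colliding IDs  :", find_collisions())
```

Running the audit against real directory exports shows which accounts are exposed to the mix-up before any lookup change is made.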