How to stop processing authentication from other user stores configured in the domain even if it hits a disabled user?