The default authentication handler does a search query to find the requested user. If the search index is corrupted (often due to an ungentle shutdown of the instance), the authentication handler is not able to find the user. Then, the authentication fails. The LDAP authentication handler does not access the same search index, so LDAP users are still authenticated.