Making changes to configuration of projects triggers an Active Directory validation of the users on that project's security matrix which result in AD locks of users windows IDs. Our AD system is set up to lock any ID that attempts to validate and fails to do so 3 times in a row. Users have to contact help desk to unlock IDs after that.
I suspect that there might be an issue with Jenkins keeping older passwords internally and this causes locking when authentication attempts occur with the incorrect password. Our system forces password changes every 90 days. Unable to perform any kind of configuration changes for fear of locking out users.
Rolled back from version 1.26 to 1.24 whch ws previously there and the problem stopped occuring.