Hi Alexander,
I have already checked on the pitfalls that you have mentioned. Except for the last one, are you referring to the service user or a common user? (user mapping with mapping mode Principal and Realm, and source ADS Data Source).
Also, I have done some troubleshooting of my own and found out that the error encountered is during the SPNegoLoginModule, where I have defined the option "com.sap.spnego.jgss.name" with value of the domain "maynilad.com.ph".
Regards,
Tom