User federation cascading mechanism


I am trying to set up my local keycloak with two different user providers.
One AD and one LDAP.

I would like to be able to let users login with the email address and either password (ad or ldap).
For doing so i try to:

disable “Login with email” in the login-settings of the realms.

set up for LDAP:
priority: 0
Username LDAP attribute: mail
RDN LDAP attribute: mail
UUID LDAP attribute: mail
Import Users: off

mapping Username: mail

set up for AD:
priority: 1
Username LDAP attribute: userPrincipalName
RDN LDAP attribute: userPrincipalName
UUID LDAP attribute: userPrincipalName
Import Users: off

mapping Username: userPrincipalName

I can login with email with LDAP. If i try the same with the AD password i will be promped to wrong password.

I need to disable LDAP user provider, then AD starts to work.

Is there a way to establish a cascade mechanism, so if the first provider fails, and attempt with the second one is fired up with the same username - email in my case?