You would probably need to replicate the user data from tje master application to the slave application. And only allow user data changes on the master application. But stuff like sessions/blocked user statistics etc will be maintained on both sides.
LDAP module can be used to import users from Active Directory groups. By using LDAP you can manage your application from AD.
Use the Kerberos winSSO module to enable single sign on for these applications based on AD credentials (auto login id AD account is known)
Each mendix runtime has it's own database and user management. Using another Mendix database as master or slave is not an option.
You can use a custom login on the slave which could validate the user data with the master using a webservice. You then replicate the userdata on the slave.