Ansible created user on Windows, gets ".EC2AMAZ-ELNOCH3" appended to username

I have created a Windows Server 2019 AMI using Packer, and Ansible as provisioner.

I have added a user jenkins, and copied SSH files (public/private key, known_hosts, authorized_keys) to C:\Users\jenkins\.ssh.

This is the relevant part of my Ansible playbook:

    - name: Ensure user jenkins is present
      ansible.windows.win_user:
        name: jenkins
        password: ***REDACTED***
        state: present
        groups:
          - Users

    - name: Create directory structure
      ansible.windows.win_file:
        path: C:\Temp\
        state: directory

    - name: Allow write and execute access to User jenkins
      ansible.windows.win_acl:
        user: jenkins
        path: C:\Temp
        type: allow
        rights: ExecuteFile,Write

    - name: Copy SSH keys
      ansible.windows.win_copy:
        src: ./files/.ssh
        dest: C:\Users\jenkins
      vars:
        ansible_become_user: jenkins
        ansible_become_password: ***REDACTED***
        # The tmp dir must be set when using win_copy as another user
        # This ensures the become user will have permissions for the operation
        # Make sure to specify a folder both the ansible_user and the become_user have access to (i.e not %TEMP% which is user specific and requires Admin)
        ansible_remote_tmp: C:\Temp

I start an EC2 instance from this AMI.

I login with ssh:

ssh -i ~/.ssh/***REDACTED***.pem jenkins@ec2-***REDACTED***.compute.amazonaws.com -vvv

I am not logged in with the SSH key, but I can login with the password.

This is the SSH debug log:

debug3: load_hostkeys: loaded 1 keys from ***REDACTED***
debug1: Host 'ec2-***REDACTED***.compute.amazonaws.com' is known and matches the ECDSA host key.
debug1: Found key in /home/amedee/.ssh/known_hosts:161
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/amedee/.ssh/***REDACTED***.pem  explicit
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/amedee/.ssh/***REDACTED***.pem
debug3: sign_and_send_pubkey: RSA SHA256:3OWWXRDheAUWZ9kxRiSJPvwFy1/Nh3//CdbLirDuFSM
debug3: sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:3OWWXRDheAUWZ9kxRiSJPvwFy1/Nh3//CdbLirDuFSM
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: 
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
jenkins@***REDACTED***.compute.amazonaws.com's password:

I am then greeted by Windows in this way:

Microsoft Windows [Version 10.0.17763.1637]
(c) 2018 Microsoft Corporation. All rights reserved.

jenkins@EC2AMAZ-ELNOCH3 C:\Users\jenkins.EC2AMAZ-ELNOCH3>

So I am not logged in as user jenkins but as user jenkins.EC2AMAZ-ELNOCH3.

A user jenkins also exists:

jenkins@EC2AMAZ-ELNOCH3 C:\Users\jenkins.EC2AMAZ-ELNOCH3>dir .. 
 Volume in drive C has no label.
 Volume Serial Number is E43B-9F7E

 Directory of C:\Users

12/11/2020  02:19 PM    <DIR>          .
12/11/2020  02:19 PM    <DIR>          ..
12/11/2020  01:51 PM    <DIR>          Administrator
12/11/2020  02:02 PM    <DIR>          jenkins
12/11/2020  02:22 PM    <DIR>          jenkins.EC2AMAZ-ELNOCH3 
12/12/2018  07:45 AM    <DIR>          Public
               0 File(s)              0 bytes
               6 Dir(s)  12,552,163,328 bytes free

and it has the SSH files that I copied using Ansible:

jenkins@EC2AMAZ-ELNOCH3 C:\Users\jenkins.EC2AMAZ-ELNOCH3>dir ..\jenkins\.ssh
 Volume in drive C has no label.
 Volume Serial Number is E43B-9F7E

 Directory of C:\Users\jenkins\.ssh

12/11/2020  02:02 PM    <DIR>          .
12/11/2020  02:02 PM    <DIR>          ..
11/13/2020  10:57 AM             1,221 authorized_keys    
11/13/2020  10:57 AM             1,675 id_rsa
11/13/2020  10:57 AM               401 id_rsa.pub
11/13/2020  10:57 AM             7,962 known_hosts        
               4 File(s)         11,259 bytes
               2 Dir(s)  12,552,081,408 bytes free

When I try an SSH connection with this .EC2AMAZ-ELNOCH3 appended to the username, then I can't login with a password:

ssh -i ~/.ssh/***REDACTED***.pem jenkins.EC2AMAZ-ELNOCH3@ec2-***REDACTED***.compute.amazonaws.com -vvv
.
.
.
debug1: Next authentication method: password
jenkins.EC2AMAZ-ELNOCH3@ec2-***REDACTED***.compute.amazonaws.com's password: 
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
jenkins.EC2AMAZ-ELNOCH3@ec2-***REDACTED***.compute.amazonaws.com's password:

When I am logged in as user jenkins.EC2AMAZ-ELNOCH3, I copy the files from C:\Users\jenkins\.ssh\ to C:\Users\jenkins.EC2AMAZ-ELNOCH3\.ssh\ and break the connection. Next time I login with SSH, passwordless login works, which proves that my SSH keys are correct but are in the wrong directory.

I don't want this user jenkins.EC2AMAZ-ELNOCH3 to exist. How can I make sure that only the user jenkins exists?

FYI I am only familiar with Linux, so if your answer contains advanced Windows terminology, then please elaborate. The last Windows version I used, was Windows 3.11. This is also the first time that I'm doing anything with Ansible, but I feel pretty confident that I understand the gist of it.

jenkins@EC2AMAZ-ELNOCH3 means you are logged in as the user jenkins on the machine EC2AMAZ-ELNOCH3.
C:\Users\jenkins.EC2AMAZ-ELNOCH3 means Windows found that upon logging in, the folder C:\Users\jenkins already existed, but it was not the correct one for the user jenkins; thus Windows had to create a new user profile folder.

If you log in to a machine called bar with a local user account called foo, your default user profile folder will be C:\Users\foo; but if this folder already exists and Windows can't map it to the actual user account (for whatever reasons), it will create a new one; to get around the duplicate folder name, Windows will append the machine name to it, so the new user profile folder will be called C:\users\foo.bar.

This has nothing to do with the username, which is still definitely foo.

As for the reason why this happened, I have no clue. But this is standard Windows behavior with duplicate user profile folders.