Problem: After having Taxonomy Access Control and Node Privacy By Role operating all content began to show on all domains. It turns out that Domain Access acts in OR mode with other node access modules so that making content visible under other Node Access systems overrides an Domain Access settings. I have been using both Node Privacy By Role and Taxonomy Access Control and need to find a way to make them work.
Solution: From Googling I learn that a few modules have been developed to allow a few node access based modules to respect Domain access settings on nodes which they permit access to. Two of those I have settled on are:
The former has been tested to work with a number of node access modules and also in combination with the Workflow Modules. The latter is based on a patch made for interoperability with Organic Groups discussed in http://drupal.org/node/1355272
In the current setting Node Privacy By Role (NPBR) controls general editing and viewing access and TAC handles taxonomy based access. The approach now will be to create an additional vocabulary dedicated to access control, with the rights controlled by taxonomy settings. The path doesn't seem so clear now but I am sure it clear itself up as I go along.
One admin task which needs doing is to upgrade Taxonomy Access Control to the -dev version on account these issues - https://drupal.org/node/1358106 and https://drupal.org/node/1281732. The latter is a patch that seems to have worked until https://drupal.org/comment/8246307#comment-8246307.
Conclusion: Installing Domain Access Bridge fixed this leaking content issue. Node Privacy By Role may work with it if works with the standard Drupal Node Access mechanisms (which I am not sure of yet) but I that will have to wait. It is not included on the list and tested modules on the project page. I may have to relearn Content Access and use it instead. Whether it will work in addition to TAC is another. I may try it on a dev version of the site later.