Openfire LDAP logons fail randomly

We used to run Openfire 3.7.1 on a Windows VM but recently moved our Openfire server to a Linux VM running Openfire 3.8.1.  We've been having random login issues.    We had no issues on the previous version, the only changes are that it's now running 3.8.1 and under linux as opposed to winodws.

-bash-4.1$ uname -a

Linux servername 2.6.32-279.el6.x86_64 #1 SMP Wed Jun 13 18:24:36 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux

Java Version:	1.6.0_41 Sun Microsystems Inc. -- Java HotSpot(TM) Server VM
Appserver:	jetty/7.x.y-SNAPSHOT
Host Name:	servername
OS / Hardware:	Linux / i386
Locale / Timezone:	en / Eastern Standard Time (-5 GMT)
Java Memory	46.60 MB of 454.38 MB (10.3%) used

It is binded to Active Directory and uses a AD security group (with nested security groups) for authenication.   It seems like the LDAP login times out.    We are binding to port 389 since it seems like LDAP over SSL 636 was even slower.

Users/Group takes forever to display correctly and will sometimes time out and just be completely blank.  There are approximately 501 users.

ldap.searchFilter  (&(objectclass=organizationalPerson)(|(memberOf:1.2.840.113556.1.4.1941:=CN=UIT -Jabber-Users,**removed,DC=edu)))

Info Logs will display tons of User Login Failed. PLAIN authenicated failed for: user

2013.03.25 09:11:53 org.jivesoftware.openfire.net.SASLAuthentication - User Login Failed. PLAIN authentication failed for: user

2013.03.25 09:13:20 org.jivesoftware.openfire.net.SASLAuthentication - User Login Failed. PLAIN authentication failed for: user

2013.03.25 09:13:46 org.jivesoftware.openfire.net.SASLAuthentication - User Login Failed. PLAIN authentication failed for: user

2013.03.25 09:14:08 org.jivesoftware.openfire.net.SASLAuthentication - User Login Failed. PLAIN authentication failed for: user

javax.naming.CommunicationException: ***name removed.edu:389 [Root exception is java.net.ConnectException: Connection timed out]

        at com.sun.jndi.ldap.Connection.<init>(Unknown Source)

        at com.sun.jndi.ldap.LdapClient.<init>(Unknown Source)

        at com.sun.jndi.ldap.LdapClient.getInstance(Unknown Source)

        at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)

        at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)

        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)

        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)

        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)

        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)

        at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)

        at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)

        at javax.naming.InitialContext.init(Unknown Source)

        at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source)

        at org.jivesoftware.util.JiveInitialLdapContext.<init>(JiveInitialLdapContext.java :43)

        at org.jivesoftware.openfire.ldap.LdapManager.getContext(LdapManager.java:535)

        at org.jivesoftware.openfire.ldap.LdapManager.retrieveList(LdapManager.java:1838)

        at org.jivesoftware.openfire.ldap.LdapUserProvider.getUsernames(LdapUserProvider.j ava:177)

        at org.jivesoftware.openfire.user.UserManager.getUsernames(UserManager.java:266)

        at org.jivesoftware.openfire.roster.RosterManager.getSharedUsersForRoster(RosterMa nager.java:849)

        at org.jivesoftware.openfire.roster.Roster.getSharedUsers(Roster.java:658)

        at org.jivesoftware.openfire.roster.Roster.<init>(Roster.java:148)

        at org.jivesoftware.openfire.roster.RosterManager.getRoster(RosterManager.java:116 )

        at org.jivesoftware.openfire.handler.PresenceUpdateHandler.broadcastUpdate(Presenc eUpdateHandler.java:305)

        at org.jivesoftware.openfire.handler.PresenceUpdateHandler.process(PresenceUpdateH andler.java:147)

        at org.jivesoftware.openfire.handler.PresenceUpdateHandler.process(PresenceUpdateH andler.java:135)

        at org.jivesoftware.openfire.handler.PresenceUpdateHandler.process(PresenceUpdateH andler.java:199)

        at org.jivesoftware.openfire.PresenceRouter.handle(PresenceRouter.java:148)

        at org.jivesoftware.openfire.PresenceRouter.route(PresenceRouter.java:84)

        at org.jivesoftware.openfire.spi.PacketRouterImpl.route(PacketRouterImpl.java:84)

        at org.jivesoftware.openfire.net.StanzaHandler.processPresence(StanzaHandler.java: 355)

        at org.jivesoftware.openfire.net.ClientStanzaHandler.processPresence(ClientStanzaH andler.java:100)

        at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:272)

        at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:194)

        at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:181)

        at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570)

        at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

        at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

        at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

        at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)

        at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

        at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

        at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

        at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58)

        at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:185)

        at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

        at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

        at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

        at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239)

        at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283)

        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

        at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)

        at java.lang.Thread.run(Unknown Source)

Caused by: java.net.ConnectException: Connection timed out

        at java.net.PlainSocketImpl.socketConnect(Native Method)

        at java.net.PlainSocketImpl.doConnect(Unknown Source)

        at java.net.PlainSocketImpl.connectToAddress(Unknown Source)

        at java.net.PlainSocketImpl.connect(Unknown Source)

        at java.net.SocksSocketImpl.connect(Unknown Source)

        at java.net.Socket.connect(Unknown Source)

        at java.net.Socket.connect(Unknown Source)

        at java.net.Socket.<init>(Unknown Source)

        at java.net.Socket.<init>(Unknown Source)

        at com.sun.jndi.ldap.Connection.createSocket(Unknown Source)

        ... 53 more

Any ideas?