On trying to add a new OpenFire instance today it was found that the admin login to the web page for the OpenFire instances and the Spark client logins were failing. (Essentially each instance is a separate install of Openfire on the same server but in different directories - we do this to segregate the chat groups from one another.)
Review of the logs indicate it was still trying to use the original Windows Domain Controller for LDAP/AD user/password lookups that we'd originally...