This error is very generic but seems to be related to one of the authentication principles being invalid, could be the related to the principle username or password being invalid, or the connectivity being broken. If the none of the credentials have been changed and users are one second having authentication issues and the next authenticating through without issues then I would tend to lean towards reliability connectivity to the LDAP server (could be the connection being dropped/unstable), or it could be a network issues/ DNS issue that is causing the connectivity in the network to drop or time out. You may need to traceroute the signal path between the ALM server to the LDAP server. I would suggest getting your LDAP and IT Network management teams involved to test the signal routes and that they are stable.
Hope this helps,