You just maintain a local/serial-only root account for that eventuality.
[Edit] And make sure internet-facing production services don't rely on administrative LDAP.
You just maintain a local/serial-only root account for that eventuality.
[Edit] And make sure internet-facing production services don't rely on administrative LDAP.