After a customer had performed some bad edits on various LDAP configuration files, users were locked out and unable to access the system. Root could still login however.
I logged in as root, and rather than mess with various config files, eg under /etc/pam.d, ran this command to disable LDAP authentication and enable “normal” authentication using /etc/shadow:
# authconfig --disableldapauth --disableldap --enableshadow --updateall
After which users could login again.
This was a “lab” system located on an isolated network. On a production server, having direct root login is not recommended, and great care should be exercised before using the authconfig command.