...
In the NMIS configuration you can configure multiple methods which are used for auth failure, so if ms-ldap fails, it will fail back to htpasswd for example. This means if you set auth_method_1 to be ldap and authand auth_method_2 to be htpasswd, and login with the default NMIS credentials (and you have not changed the password), the authentication for LDAP will fail, and then authentication with the users.dat will succeed and the user will be logged in. The limit for different auth_method variables is 3.
It is important to change your default passwords if you expect any level of security.
...