1. You could write a python script which dumps all user entries from local LDAP and then updates them by changing "gluuStatus" attribute to "inactive", except for admin users and the one regular user you need.
2. You could update your custom authentication script (if you use one) to return "False" for every user except the ones you need to be able to access it. If you use basic LDAP authentication instead, you could switch to "basic" custom auth script which is equivalent to it. [This line](https://github.com/GluuFederation/oxAuth/blob/master/Server/integrations/basic/BasicExternalAuthenticator.py#L47) in it retrieves user's login which you could then compare to intended user's login, and return "False" immediately if it doesn't match.