Thanks for the further information provided by Mohib.
Following the steps as shown in "Part 3/3: Managing Authentication After You've Setup Cache Refresh", new users can now login to the Gluu server.
However, there comes another problem. Without the original backend LDAP server, all administrator accounts no longer exist. On the other hand, all new users (from the AD server) do not have administrator rights. What is the suggested approach for having administrators under the new arrangement (using the AD server for authentication)?
My only idea is that, with the original backend LDAP server still in use, import new users from the AD server, appoint some new users as administrators, then start using the AD server for authentication.
I wonder whether there can be a better approach with less human intervene. For example, can a new user be directly imported as an administrator? If so, how can it be done?