I don't know anything about the cache but I highly recommend that you use a soft failover to the default user source and leave the administrator user (or another) that can be used if the AD user source fails. The administrator password should, of course, be kept secret.
Config | Security | Users, Roles | Edit …
Failover Source = default.
Failover Mode = soft.
You could do that, creating a set of emergency users - one per role, perhaps. The problem here is that those logins will let anyone with the password in at any time unless you enable / disable them on the gateway.