------------------------------------------------------------

Policy, settable on a per COS/Account basis. I'd put on the advanced tabs in COS/Account.

The three input fields should only be enabled for editing if the check box is enabled:

[x]  Enabled Failed Login Lockout
   
   [  5 ]             number of consecutive failed logins allowed. Use 0 to allow unlimited failed login attempts.

   [ 30 ] [minutes]   time window in which the failed logins must occur within to lock
                      the account. If 0, only a successful login will clear old failed logins.

   [  2 ] [hours]     time to lockout the account. Use 0 to lockout the account until an admin resets it.

The following needs to be added to the account view:

 - need to handle new "lockout" status (not be confused with "locked", which is a manually set status)
 
 If an account is locked out due to this mechanism, it's status will be set to "lockout". Ideally it would be nice to
 show zimbraPasswordLockoutLockedTime and all values of zimbraPasswordLockoutFailureTime.

------------------------------------------------------------

zimbraAccountStatus will be modified to include a new "lockout" state

The following attributes will be added COS/Account (account overrides COS)

zimbraPasswordLockoutEnabled TRUE/FALSE

       This attribute specifies the action that should be taken when
       a user has made a number of failed attempts to authenticate
       to Zimbra.  If zimbraPasswordLockoutEnabled is TRUE, the user
       will  not  be allowed to attempt to authenticate to Zimbra after
       there have been a specified number of consecutive failed login attempts.
       The maximum number of consecutive failed login attempts allowed 
       is specified by the zimbraPasswordLockoutMaxFailures attribute.  
 
       If zimbraPasswordLockoutEnabled is not present, or if its  value
       is "FALSE", the password may be used to authenticate no matter 
       how many consecutive failed login attempts have been made.

zimbraPasswordLockoutDuration

       This attribute contains the duration during which the password
       cannot  be  used  to  authenticate the user to Zimbra due to too
       many consecutive failed login attempts. 

       If zimbraPasswordLockoutDuration is not present, or if its value is 
       zero (0), the password cannot be used to authenticate the user to
       Zimbra again until it is reset by an administrator (by changing the account status
       back to active).

zimbraPasswordLockoutMaxFailures

       This  attribute contains the number of consecutive failed login attempts
       after which the password may not be used to authenticate a user to
       Zimbra. If zimbraPasswordLockoutMaxFailures is not present, or its
       value is zero (0), then a user will be allowed to continue to attempt 
       to  authenticate  to Zimbra, no matter how many consecutive failed 
       login attempts have  occurred.

zimbraPasswordLockoutFailureLifetime

       This  attribute contains the duration after which old consecu-
       tive failed login attempts are purged from  the  list,  even though 
       no  successful  authentication  has occurred. It used to determine
       the window in which a failed login is considered "consecutive". 

       If zimbraPasswordLockoutFailureLifetime is not present, or its 
       value is  zero  (0), the  list will only be reset by a successful 
       authentication.

       For example, if this attribute is not set, and max failures is set 
       to 3, then one unsuccessful login attempt a day (with no successful 
       login attempts) will cause the account to be locked out on the third
       day. i.e.. If this attribute is set to be one hour, then there must 
       be three failed login attempts within an hour for the account to get
       locked out.

------------------------------------------------------------

These attributes are on an individual Account

zimbraPasswordLockoutLockedTime

       This attribute contains the time that the user's  account  was  locked.
       If  the  account has been locked, the password may no longer be used to
       authenticate the user to Zimbra. 

       An account is considered locked if the current time is less than the
       value zimbraPasswordLockoutLockedTime + zimbraPasswordLockoutDuration.

zimbraPasswordLockoutFailureTime

       If zimbraPasswordLockoutEnabled is set, then this attribute contains the
       timestamps of each of the consecutive  authentication failures made on 
       an account.

       If more then zimbraPasswordLockoutMaxFailures timestamps accumulate
       here then the account will be locked,
       zimbraPasswordLockoutLockedTime will be set to the current time, and
       zimbraAccountStatus will be set to "lockout".

       Excess timestamps beyond those allowed by 
       zimbraPasswordLockoutMaxFailures  will be purged.  

       When a successful authentication is made, all 
       zimbraPasswordFailureTime entries are removed.

---------------------------------
