It will reset to active when the user attempts to provide successful login credentials after the LockoutDuration has passed.
Make sure they're using the right password, that POP3 or IMAP is enabled for them (whatever mechanism they are using to login) or other things.. check the "wrong" password in the audit log and make sure its correct, or try resetting their password to ensure it matches what they think it is.
This shows that the system will show "locked" even after the time has passed, but will automatically reset itself when they attempt after the Lifetime has passed.. it's not reset to active on a scheduled window of any sort - it's only checked when the login is attempted.
Code:
zimbra@rumpy:~$ zmprov ga test@kristofer.org|egrep -i 'zimbra(PasswordLockout|AccountStatus)'
zimbraAccountStatus: lockout
zimbraPasswordLockoutDuration: 1h
zimbraPasswordLockoutEnabled: TRUE
zimbraPasswordLockoutFailureLifetime: 1h
zimbraPasswordLockoutFailureTime: 20070816172555Z
zimbraPasswordLockoutFailureTime: 20070816172617Z
zimbraPasswordLockoutFailureTime: 20070816172632Z
zimbraPasswordLockoutLockedTime: 20070816172632Z
zimbraPasswordLockoutMaxFailures: 3
so it is locked out one hour three minutes ago, status is locked out..
Code:
zimbra@rumpy:~$ telnet rumpy 110
Trying 127.0.1.1...
Connected to rumpy..
Escape character is '^]'.
+OK rumpy.cybernetik.net Zimbra POP3 server ready
user test@kristofer.org
+OK hello test@kristofer.org, please enter your password
pass <correctpassword>
+OK server ready
quit
+OK rumpy.cybernetik.net closing connection
Connection closed by foreign host.
zimbra@rumpy:~$
and now it's active
Code:
zimbra@rumpy:~$ zmprov ga test@kristofer.org|egrep -i 'zimbra(PasswordLockout|AccountStatus)'
zimbraAccountStatus: active
zimbraPasswordLockoutDuration: 1h
zimbraPasswordLockoutEnabled: TRUE
zimbraPasswordLockoutFailureLifetime: 1h
zimbraPasswordLockoutMaxFailures: 3