Hello Members,

I have a mailbox, which has been disabled because of
"Error: User has failed in too many login attempts, login disabled [D715] User:CN=*** ()"
This is not a big deal, if a user tries to log in at least 5 times with a wrong password within 30 minutes, then he gets disabled for 30 minutes. Everybody accepts this. Unfortunately this user is a VIP and I was asked to checked the logs and search for the ip address of the "intruder". It turned out that there are no login attempts with bad password at all for this user. So I went ahead and made some tests. I tried to log in with webaccess, gw client, imap with wrong password. Every time I log in I see "LDAP Error: 49 () ; LDAP Error: Invalid credentials ()" in the logs. But for this user I don't see anything. I also tried to log in with GMS, but GMS is bound to eDirectory, and intruder detection is turned off in eDir.
So the question is how got this user disabled? Is there anything else in GW that can lead to a login disabled state?