How to Lock and Unlock Zimbra Accounts from Command Line

There are 5 states of any Zimbra account as explained below. We can use the zmprov command to change the status of an account.

• Active: Active is the normal status for a mailbox account. Mail is delivered and users can log into the client interface.
• Maintenance: When a mailbox status is maintenance, login is disabled and mail addressed to the account is queued at the MTA.
• Locked: When a mailbox status is locked, the login is disabled until you unlock the account, but mail is still delivered to the account. Locked can be set if you suspect that a mail account has been hacked or is being used in an unauthorized manner.
• Closed: When a mailbox status is closed, the login is disabled. This status is used to soft-delete an account. The account exists until you delete it.
• Lockout: Users who try to log in and have forgotten their password are temporarily locked out after a specified number of consecutive failed login attempts. An account’s status is automatically changed to lockout. How long the account is locked out is set by COS or Account configuration, but you can change the lockout status at any time.

Lock a Zimbra Account

To lock the account:

# su - zimbra
# zmprov ma user@domain.com zimbraAccountStatus lock

Unlock a Zimbra Account

To Unlock the account:

# su - zimbra
# zmprov ma user@domain.com zimbraAccountStatus active

To lockout the account:

# su - zimbra
# zmprov ma user@domain.com zimbraAccountStatus lockout

Close a Zimbra Account

To closed the account:

# su - zimbra
# zmprov ma user@domain.com zimbraAccountStatus closed

Maintenance: When a mailbox status is maintenance, login is disabled and mail addressed to the account is queued at the MTA.