We have an issue in the server where the admin (uid=admin,ou=system) account can get locked
permanently based on the ppolicy configuration to lock accounts .
IMO we should allow all user and admin accounts to get locked permanently (again, based on the ppolicy config)
except the system's built-in admin account (uid=admin,ou=system). This is just to prevent any abuse involving a
regular admin account.
Please suggest if you have any other opinions or suggestions based on the operations perspective in a production environment.