Is there a way for Orion to monitor and alert when a user account is locked in our Active Directory?
You could probably use the windows event log template to check the Security log of the AD server for lockout related events:
(I got these event IDs from http://www.windowsnetworking.com/nt/atips/atips155.shtml)
I've never tried this, but...
You could use an Active Directory/LDAP monitor. It will let you execute a LDAP query. You should be able to query for the number of locked out users.
