Depends on bug 21336 for the ADMINISTRATIVE_LOCKOUT constant.
This is a bit lazy solution (but good enough): The account will not be found
when recovering the password. The user should contact the library. Since
the library chose to lock the account, that seems appropriate.
Select a borrower and set login_attempts to -1. Via mysql command line or
Enable password recovery.
Try to recover password from OPAC. You should fail with 'Not found, contact