Add logging for blocked user accounts

Steps to reproduce

Set "login attempts before the user account is blocked" to 5
Try to login using wrong password 5x
User account gets disabled

Expected behaviour

If user account gets disabled report it in the nextcloud.log to make it clear who disabled the user. As an add on a admin notification would be super.

Actual behaviour

Incidence not reported in nextcloud.log, no notification.

Server configuration detail

Operating system: Linux 3.10.0-1127.18.2.el7.x86_64 #1 SMP Sun Jul 26 15:27:06 UTC 2020 x86_64

Webserver: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.24 (apache2handler)

Database: mysql 10.3.13

PHP version:

7.2.24 Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, Reflection, SPL, session, standard, apache2handler, bcmath, bz2, calendar, ctype, curl, dom, mbstring, fileinfo, ftp, gd, gettext, gmp, iconv, intl, json, ldap, exif, mysqlnd, PDO, Phar, posix, shmop, SimpleXML, sockets, sqlite3, sysvmsg, sysvsem, sysvshm, tokenizer, xml, xmlwriter, xsl, zip, mysqli, pdo_mysql, pdo_sqlite, wddx, xmlreader, apcu, imagick, Zend OPcache

Nextcloud version: 19.0.13 - 19.0.13.1

Updated from an older Nextcloud/ownCloud or fresh install: updated

Where did you install Nextcloud from: github

Signing status

Array ( )

List of activated apps

``` Enabled: - activity: 2.12.1 - checksum: 0.4.5 - cloud_federation_api: 1.2.0 - comments: 1.9.0 - customproperties: 1.0.1 - data_request: 1.6.0 - dav: 1.15.0 - extract: 1.3.2 - federatedfilesharing: 1.9.0 - files: 1.14.0 - files_accesscontrol: 1.9.3 - files_automatedtagging: 1.9.1 - files_downloadactivity: 1.8.0 - files_pdfviewer: 1.8.0 - files_retention: 1.8.2 - files_rightclick: 0.16.0 - files_sharing: 1.11.0 - files_videoplayer: 1.8.0 - flowupload: 1.1.2 - guests: 1.6.3 - impersonate: 1.6.1 - issuetemplate: 0.7.0 - logreader: 2.4.0 - lookup_server_connector: 1.7.0 - metadata: 0.14.0 - music: 1.2.1 - notifications: 2.7.0 - oauth2: 1.7.0 - password_policy: 1.9.1 - privacy: 1.3.0 - provisioning_api: 1.9.0 - quota_warning: 1.8.0 - ransomware_protection: 1.7.1 - serverinfo: 1.9.0 - settings: 1.1.0 - systemtags: 1.9.0 - terms_of_service: 1.5.2 - text: 3.0.1 - theming: 1.10.0 - twofactor_backupcodes: 1.8.0 - updatenotification: 1.9.0 - viewer: 1.3.0 - workflow_script: 1.4.1 - workflowengine: 2.1.0 Disabled: - accessibility - admin_audit - contactsinteraction - encryption - federation - files_antivirus - files_external - files_trackdownloads - files_trashbin - files_versions - firstrunwizard - nextcloud_announcements - photos - recommendations - sharebymail - support - survey_client - user_ldap ```

Configuration (config/config.php)

``` { "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "trusted_domains": [ "transfer.***REMOVED SENSITIVE VALUE***" ], "datadirectory": "***REMOVED SENSITIVE VALUE***", "dbtype": "mysql", "version": "19.0.13.1", "overwrite.cli.url": "http:\/\/transfer.br.de", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbport": "", "dbtableprefix": "oc_", "mysql.utf8mb4": true, "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "mail_smtpmode": "smtp", "mail_sendmailmode": "smtp", "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_domain": "***REMOVED SENSITIVE VALUE***", "maintenance": false, "theme": "", "loglevel": 2, "mail_smtphost": "***REMOVED SENSITIVE VALUE***", "mail_smtpport": "25" } ```

Client configuration

Browser: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36

Operating system: Windows 10

nextcloud / password_policy