Account Locked when trying to login?

We use mobile accounts in our environment tied to our AD.

We know Big Sur has an account lockout issue:
PI-009097 (password issue in Big Sur) and PI-009094 (software update policy broken).

However, this past week we have seen several users on 10.15 and 10.14 reboot, try to log in, and get a message that their account is "locked". The solution is to unlock via the console if they are on the internet, or log in to a local AD account and run:

pwpolicy -u username -enableuser

However, I am having trouble tracking down WHY it happened. Does anyone know what log to look into? And if so, what sort of event am I looking for? I am having trouble troubleshooting without having some more verbose errors.