Password policy: possible DoS scenario

Hello, Thanks to everyone having answered me earlier, I've managed to set up password policy on the OpenLDAP provided in CentOS 5.5 repositories (current version 2.3.43). The setup: we have password policy enabled for users accounts in our intranet. After 5 unsuccessful attempts the account is blocked for short duration (30 seconds). Does that mean that anyone now can keep all the accounts blocked most of the time? Am I right that if anyone enters someone else' incorrect password 5 times (in the given case), they will block the target account (regardless of what IP address the attacker was connecting from)? Narrower question: do password policy module developers plan to take into account what IPs are used to connect (thus, blocking only access from specific IPs)? Thanks. All the best, Konstantin