I think you would have to customize this, by querying LDAP for the status of the account (I think its a binary value) and then display a different error message.
Some food for thought, is it possible to switch to https and set IE to see the URL as a trusted system and pass the log in information to the server? If an account is locked then the session should fail and would be less auths for the end user, if it just signs in for them; similar to SharePoint from M$.