Reporter (RP) 10.1.5.5 and higher were added a security feature (b#255375) for account lockout on multiuple failed attempts. This feature could cause falied logons in the below conditions.

NOTE: Users configured to access Reporter utilizing an LDAP based authentication method,  does not affect the lockout of users. The lockout is for local-domain accounts.

The lockout security feature on Reporter is User based, not role based

Upon the last unsucesfull attempt the account is locked and the timer is set to 20 minutes. If the user attempts to login again before the timer runs out and the account is unlocked, the timer is reset for 20 minutes again.

If the RP is managed by Management Center (MC) which makes regular calls to RP using admin crenedentials the timer may never have time to expire.

Make sure that the MC has got the correct credentails and also prevent any further logon attempts for a period of 20 minutes. In terms on MC this can be done by removing the RP from MC or apply a temporary firewall rule to block any traffic from MC to RP.