Admin User Account Locked Out on Content Analysis

Article ID: 212684

Products

  • Content Analysis Software
  • ISG Content Analysis

Issue/Introduction

The Content Analysis (CAS) appliance reports that the admin account is locked out. When reviewing the messages diagnostics log or the audit log, the following entry can be found:

CAS info auditlog[8429]: INFO : Token authentication failed because user admin is locked out

Environment

  • Content Analysis (CAS)
  • Management Center (MC)

Cause

This is typically caused by a credential mismatch between the CAS appliance and Broadcom Management Center (MC).

If the admin password was changed on the CAS appliance but not updated in Management Center, MC will continue attempting to poll the device using the old credentials. This creates a "lockout loop" where Management Center repeatedly fails authentication until the CAS security policy locks the account.
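
An added example (not from this article or from Broadcom): a check over an exported audit log that counts the lockout entries per user and tests whether they arrive at an even interval, which is the pattern a polling Management Center would produce. The message text is the one quoted above; the leading ISO 8601 timestamp, the jitter threshold and the sample lines are assumptions constructed for the example.

```python
import re
from datetime import datetime
from statistics import pstdev

# Message text as quoted in this article. The first field is assumed to be an
# ISO 8601 timestamp; adjust the parsing to the format of your exported log.
LOCKOUT = re.compile(
    r"^(?P<ts>\S+)\s+.*auditlog\[\d+\]: INFO : Token authentication failed "
    r"because user (?P<user>\S+) is locked out"
)

def lockout_cadence(lines, max_jitter=5.0):
    """Return {user: {"count", "mean_gap", "automated"}} for lockout entries."""
    seen = {}
    for line in lines:
        m = LOCKOUT.match(line)
        if not m:
            continue
        entry = seen.setdefault(m["user"], {"count": 0, "stamps": []})
        entry["count"] += 1
        try:
            entry["stamps"].append(datetime.fromisoformat(m["ts"]))
        except ValueError:
            pass  # no timestamp in the assumed format: count it, skip timing
    report = {}
    for user, entry in seen.items():
        stamps = sorted(entry["stamps"])
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean_gap = sum(gaps) / len(gaps) if gaps else None
        # Evenly spaced failures point to a poller, not a person typing a password.
        automated = len(gaps) >= 2 and pstdev(gaps) <= max_jitter
        report[user] = {"count": entry["count"], "mean_gap": mean_gap,
                        "automated": automated}
    return report

# Constructed sample lines, not real appliance output.
MSG = "CAS info auditlog[8429]: INFO : Token authentication failed because user admin is locked out"
SAMPLE = [
    f"2024-01-01T10:00:00 {MSG}",
    f"2024-01-01T10:01:00 {MSG}",
    f"2024-01-01T10:02:01 {MSG}",
    f"2024-01-01T10:03:00 {MSG}",
    "2024-01-01T10:03:30 CAS info auditlog[8429]: INFO : unrelated entry",
]

if __name__ == "__main__":
    for user, info in lockout_cadence(SAMPLE).items():
        print(user, info)
```

Running the same check on a log exported after Step 1 should show no new entries for the account once Management Center holds the correct password.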

Resolution

Step 1: Update Management Center Credentials

1. Log in to the Management Center console.

2. Navigate to Network Managed Devices.

3. Select the affected Content Analysis device.

4. Click Edit.

5. In the Connection Parameters section, update the Password field with the current, correct password.

6. Click Connect and Save. This stops the MC from sending the incorrect credentials that caused the lockout.

Step 2: Unlock the Admin Account via Serial Console

Since the admin account is locked for network-based access (SSH/HTTPS), a physical or virtual serial connection is required.

1. Connect to the CAS appliance via the Serial Console port (9600, 8, N, 1).

2. Provide administrator credentials at the prompt.

3. Execute the following commands to reset the lockout:

    enable
    configure terminal
    authentication
    local-lockout reset admin

4. Verify successful access by logging into the CAS Web Management Console (HTTPS).