Attempts to change the admin password on the primary node of VMware Aria Operations, through either the /admin page or the CLI, fail with the errors below:
From the /admin UI:
From the CLI of the Primary node:
Saved existing admin user credentials into backup file
Call failed: Code 500 - HTTP Error 500: Internal Server Error
Response: {"error_message_key":"general.failure","error_arguments":["1","passwd: Have exhausted maximum number of retries for service\n"]},
VMware Aria Operations 8.18.x
The line "use_authtok" was in the incorrect location within the settings of /etc/pam.d/system-password.
Example:
# Begin /etc/pam.d/system-password
# use sha512 hash for encryption, use shadow, and try to use any previously
# defined authentication token (chosen password) set by any prior module
password required pam_pwquality.so dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1 minlen=8 minclass=4 difok=4 retry=3 maxsequence=0 enforce_for_root use_authtok
password required pam_unix.so sha512 shadow use_authtok no_pass_expiry
# End /etc/pam.d/system-password
Workaround:
- SSH to the Aria Operations node
- Make a copy of the system-password file:
cp /etc/pam.d/system-password /etc/pam.d/system-password.copy
- Edit the file /etc/pam.d/system-password.
The file should look like this (including the actual order of the lines):
# Begin /etc/pam.d/system-password
# use sha512 hash for encryption, use shadow, and try to use any previously
# defined authentication token (chosen password) set by any prior module
password required pam_pwquality.so dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1 minlen=8 minclass=4 difok=4 retry=3 maxsequence=0 enforce_for_root
password required pam_pwhistory.so remember=5 retry=3 enforce_for_root use_authtok
password required pam_unix.so sha512 shadow use_authtok no_pass_expiry
# End /etc/pam.d/system-password
- Save the file
- Attempt the admin password reset operation again
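The ordering rule behind this fix can be checked before and after editing the file. The script below is an added example, not VMware's code: it flags a first password module that carries use_authtok, later modules that lack it, and lines that are not PAM rules at all. The function names and both sample stacks are constructed for illustration, and the broken sample assumes use_authtok sat at the end of the pam_pwquality line.

```shell
#!/bin/sh
# Added example (not VMware tooling): lint use_authtok placement in a PAM
# password stack. Reads the file given as $1, or stdin when no file is given.
check_pam_password_stack() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }            # skip blanks and comments
        $1 !~ /^-?(auth|account|password|session)$/ && $1 != "@include" {
            printf "line %d: not a PAM rule (stray option?): %s\n", NR, $0
            bad = 1; next
        }
        $1 !~ /password$/ { next }               # only the password stack
        {
            n++; has = 0; mod = "?"
            for (i = 2; i <= NF; i++) {
                if ($i ~ /pam_[a-z0-9_]+\.so$/) mod = $i
                if ($i == "use_authtok") has = 1
            }
            if (n == 1 && has) {
                printf "line %d: %s is first in the stack but has use_authtok; no prior module set a password\n", NR, mod
                bad = 1
            } else if (n > 1 && !has && mod ~ /pam_(unix|pwhistory|pwquality)\.so$/) {
                printf "line %d: %s lacks use_authtok; not forced to reuse the password the earlier module accepted\n", NR, mod
                bad = 1
            }
        }
        END { exit bad + 0 }                     # status 1 if any finding
    ' "$@"
}

# Constructed samples based on the two listings on this page; the first
# assumes use_authtok sat at the end of the pam_pwquality line.
sample_broken() {
    cat <<'EOF'
# Begin /etc/pam.d/system-password
password required pam_pwquality.so dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1 minlen=8 minclass=4 difok=4 retry=3 maxsequence=0 enforce_for_root use_authtok
password required pam_unix.so sha512 shadow use_authtok no_pass_expiry
EOF
}
sample_fixed() {
    cat <<'EOF'
password required pam_pwquality.so dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1 minlen=8 minclass=4 difok=4 retry=3 maxsequence=0 enforce_for_root
password required pam_pwhistory.so remember=5 retry=3 enforce_for_root use_authtok
password required pam_unix.so sha512 shadow use_authtok no_pass_expiry
EOF
}

sample_broken | check_pam_password_stack || echo "findings in the broken sample"
sample_fixed | check_pam_password_stack && echo "corrected sample is clean"
```

On the node itself, run check_pam_password_stack /etc/pam.d/system-password after saving the edited file and before retrying the password reset.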