So, if you configure the loginretries=5, the user will not be able to log in after 5 retries. To enable the login again, you should reset the unsuccessful_login_count parameter by editing the file /etc/security/lastlog or with the following command:

# chsec -f /etc/security/lastlog -a unsuccessful_login_count=0 -s foobar

You can identify this problem by the following message in syslog:

May 19 15:42:41 aixbox auth|security:info sshd[7884888]: Login restricted for foobar: 3004-303 There have been too
many unsuccessful login attempts; please see \tthe system administrator.


# lsattr -El sys0 | grep realmem
realmem 16121856 Amount of usable physical memory in Kbytes

or

# lsattr -El mem0
goodsize 15744 Amount of usable physical memory in Mbytes False
size 15744 Total amount of physical memory in Mbytes False

or

# prtconf|grep "Memory Size"
Memory Size: 15744 MB Good Memory Size: 15744 MB

To disable (or increase) this limit, edit /etc/security/limits and change the parameter fsize to “-1” or whatever value you want.

You can change it in “default” to apply to all users or change it to a specific user.

Remember that the file system should be JFS2.

On AIX, you can use the following commands to unlock na user and force it to change it’s password on first logon:
# pwdadm -f ADMCHG USER