Unable to Login to Firewalls through the GUI or CLI with any users


80779
Created On 07/22/21 11:24 AM - Last Modified 09/06/21 21:34 PM


Symptom


  • Unable to log in to the firewall through the GUI or CLI with any user; no prior warning was received
  • Password expired for failed user
  • The firewall's authd.log shows "warning period=0" and "password_expiry_locked = TRUE" for this user:

2021-06-07 08:15:31.025 +0300 debug: pan_auth_check_password_expiry_and_authenticate(pan_auth_state_engine.c:1266): Password profile values for user: user1:profile=global, expiry period=90, warning period=0, expired admin logon count=0, grace period=0
2021-06-07 08:15:31.025 +0300 debug: pan_auth_check_password_expiry_and_authenticate(pan_auth_state_engine.c:1274): user "user1": last password change tim = Mon Mar 8 13:26:16 2021, so elapsed_days = 90, while expiry period = 90
2021-06-07 08:15:31.033 +0300 debug: _lock_unlock_user(pan_auth_state_engine.c:335): lock_user = 1; is_exp_admin = 0 --> password_expiry_locked = TRUE
2021-06-07 08:15:31.033 +0300 debug: pan_auth_check_password_expiry_and_authenticate(pan_auth_state_engine.c:1367): Password expired for failed authenticated user "user1

Environment


  • PAN-OS
  • Palo Alto Firewall


Cause


The administrator's password expired and authentication failed. The "warning period=0" in the password profile explains why no expiry warning was shown beforehand: with a warning period of zero days, the firewall never warns the administrator at login that the password is about to expire.


Resolution


To log back into the firewall:

  1. Reboot the firewall and then try to log in to the device.
  2. If that fails, boot into maintenance mode and load a previously saved named config as follows.
  3. Once in maintenance mode, continue to the 'Select Running Config' option.
  4. Choose a previous version of the running-config for which the administrator password is known and reboot the device with this config.
  5. Check whether you are able to log in to the firewall.
    1. If you are able to log in and the device is in HA, sync the configuration to the peer from the command line:
      > request high-availability sync-to-remote running-config

  6. If the above fails, a factory reset will need to be performed.

Additional Information


If you want to collect a technical support file, please do so before performing a factory reset.
How to Retrieve the Palo Alto Networks Firewall Configuration in Maintenance Mode


To avoid the password expiring without warning, the following can be configured in the password profile:

Post Expiration Admin Login Count - allows the administrator to log in a specified number of times after their account has expired. For example, if the value is set to 3 and their account has expired, they can log in 3 more times before their account is locked out (range is 0 to 3).

Post Expiration Grace Period (days) - allows the administrator to log in for the specified number of days after their account has expired (range is 0 to 30).
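The authd.log excerpt in the Symptom section and the password-profile settings described just above can be checked proactively rather than discovered at lockout time. The following Python script is an added example, not part of this article or of PAN-OS: it folds authd.log lines of the format shown above into a per-user status and flags the conditions behind this article (a warning period of 0, no post-expiration login count or grace period, an expired or locked account). The sample log text is constructed for the example (user1 mirrors the article's excerpt; user2 is an invented account with a warning period and post-expiration allowances set, for contrast). One assumption not stated in the article: the `_lock_unlock_user` line carries no username, so the script attributes it to the user named in the preceding expiry-check line of the same authentication attempt.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample authd.log lines modelled on the article's excerpt.
SAMPLE_AUTHD_LOG = """\
2021-06-07 08:15:31.025 +0300 debug: pan_auth_check_password_expiry_and_authenticate(pan_auth_state_engine.c:1266): Password profile values for user: user1:profile=global, expiry period=90, warning period=0, expired admin logon count=0, grace period=0
2021-06-07 08:15:31.025 +0300 debug: pan_auth_check_password_expiry_and_authenticate(pan_auth_state_engine.c:1274): user "user1": last password change tim = Mon Mar 8 13:26:16 2021, so elapsed_days = 90, while expiry period = 90
2021-06-07 08:15:31.033 +0300 debug: _lock_unlock_user(pan_auth_state_engine.c:335): lock_user = 1; is_exp_admin = 0 --> password_expiry_locked = TRUE
2021-06-07 09:00:00.000 +0300 debug: pan_auth_check_password_expiry_and_authenticate(pan_auth_state_engine.c:1266): Password profile values for user: user2:profile=ops, expiry period=90, warning period=7, expired admin logon count=3, grace period=5
2021-06-07 09:00:00.000 +0300 debug: pan_auth_check_password_expiry_and_authenticate(pan_auth_state_engine.c:1274): user "user2": last password change tim = Wed Mar 10 10:00:00 2021, so elapsed_days = 85, while expiry period = 90
"""

# Field layouts taken from the log lines shown in the article.
PROFILE_RE = re.compile(
    r"Password profile values for user: (?P<user>[^:]+):profile=(?P<profile>[^,]+), "
    r"expiry period=(?P<expiry>\d+), warning period=(?P<warning>\d+), "
    r"expired admin logon count=(?P<logon_count>\d+), grace period=(?P<grace>\d+)"
)
ELAPSED_RE = re.compile(r'user "(?P<user>[^"]+)": .*elapsed_days = (?P<elapsed>\d+)')
LOCKED_RE = re.compile(r"password_expiry_locked = (?P<locked>TRUE|FALSE)")


@dataclass
class UserStatus:
    user: str
    profile: str = ""
    expiry_period: int = 0          # days until the password expires
    warning_period: int = 0         # days before expiry a warning is shown at login
    post_expiry_logins: int = 0     # Post Expiration Admin Login Count
    grace_period: int = 0           # Post Expiration Grace Period (days)
    elapsed_days: Optional[int] = None
    locked: bool = False


def analyze_authd_log(text: str) -> Dict[str, UserStatus]:
    """Fold authd.log lines into one UserStatus per administrator."""
    users: Dict[str, UserStatus] = {}
    current: Optional[UserStatus] = None  # user of the most recent expiry-check line
    for line in text.splitlines():
        m = PROFILE_RE.search(line)
        if m:
            current = users.setdefault(m["user"], UserStatus(m["user"]))
            current.profile = m["profile"]
            current.expiry_period = int(m["expiry"])
            current.warning_period = int(m["warning"])
            current.post_expiry_logins = int(m["logon_count"])
            current.grace_period = int(m["grace"])
            continue
        m = ELAPSED_RE.search(line)
        if m:
            current = users.setdefault(m["user"], UserStatus(m["user"]))
            current.elapsed_days = int(m["elapsed"])
            continue
        m = LOCKED_RE.search(line)
        if m and current is not None:
            # Assumption: the lock line belongs to the user checked just before it.
            current.locked = m["locked"] == "TRUE"
    return users


def days_until_expiry(status: UserStatus) -> Optional[int]:
    """Remaining days before expiry, or None if the log did not say."""
    if status.elapsed_days is None:
        return None
    return status.expiry_period - status.elapsed_days


def findings(status: UserStatus) -> List[str]:
    """Conditions worth raising with the firewall administrators."""
    out: List[str] = []
    if status.warning_period == 0:
        out.append("no_warning")             # nobody is told before expiry
    if status.post_expiry_logins == 0 and status.grace_period == 0:
        out.append("no_post_expiry_access")  # expiry locks the account immediately
    remaining = days_until_expiry(status)
    if remaining is not None and remaining <= 0:
        out.append("expired")
    elif remaining is not None and remaining <= status.warning_period:
        out.append("expiring_soon")
    if status.locked:
        out.append("locked")
    return out


if __name__ == "__main__":
    for name, status in analyze_authd_log(SAMPLE_AUTHD_LOG).items():
        print(f"{name:8} profile={status.profile:8} "
              f"days_left={days_until_expiry(status)} findings={findings(status)}")
```

Run it against an exported authd.log (or the output of `less mp-log authd.log` saved to a file) on a schedule; any administrator reported with `no_warning` together with `no_post_expiry_access` is one missed password change away from the lockout this article describes.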



For more information, please refer to the links below:
Device > Password Profiles
Information Synchronized in an HA Pair
How to Reset the Administrator Password

