What Goes Wrong?

Attempting to lock an edge port using the EdgeConf MAC address locking facility will (under certain conditions) fail, resulting in the port becoming locked into an "intermediate state" where the port cannot be locked to any MAC address, nor unlocked.

Why Does This Happen?

This will happen if you are attempting to lock a port to a MAC address which is already locked on another port somewhere on the same device. In this case, most of the locking code is applied to the port, but the last command which does the actual MAC locking fails because an individual MAC address can only be locked to one port on a device. This is a Cisco IOS issue, and as such is not within the control of the AANTS team.

How Do I Fix It?

Right now the only known way to fix this situation is to edit the config file by hand. Send an email to the AANTS admins requesting that they unlock the port. You can mention that the procedure for fixing a half-locked port is outlined in Knowledge Base article 5335.