If you repeat the login request with what you feel is an unchanged request (same parameters) does it succeed? ... sometimes not the on the first retry, but ultimately?
This happens to one group of extensions on your first reboot, and a different group of extensions on the next reboot of the application. Never exhibiting quite the same set of impacted extensions. Am I right?
It is difficult to know the overall registration activity on the system when 'steady state' (non application initialization) failures of this class occur, so trying to unravel why those instances occur would be quite difficult to get one's head around unless you see this in a very controlled lab environment.
I have been asked about this error in the past and am not able to put my finger on why it happens. Unfortunately, reproducability in a lab environment hasn't happened and without pretty exacting tracing of both AE Services and Communication Manager it is difficult to drill down into what may be going wrong. Given where the error is thrown in the code, CM doesn't feel ti got a proper response to a challenge response that is part of the authentication process. It is not specifically the extension/password pair that Communication Manager is complaining about, but some other aspect of the overall exchange. I believe the root cause is either a race condition or some data was overwritten between the request being sent and the response being received.
If you can reproduce this error (specifically the diagnostic string= code= 63773 ) in a lab setting I would be interested in working with you to get some detailed logs so we can document the issue for the R&D team. They most likely would come back at some point requesting even more information than we originally collected.
I am pretty certain if the application repeats the device registration request enough times it will succeed. Particularly if the application rate limits itself (and stumbles into a window of time when other registration activity is fairly quiet).
How many concurrent device registrations does the application do?
What form of rate limiting has been implemented for the application? I suggest reading
https://downloads.avaya.com/css/P8/documents/101036842