Can you share "show run | in aaa" from the switch?
You should have the below listed commands on the switch:
aaa authentication login default group CLI local
aaa authorization exec default group CLI local
On the ACS you should push priv-lvl=15
You may go through the below listed document for better understanding:
http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/113590-acs5-tacacs-config.html
Regards,
Jatin Katyal
*Do rate helpful posts*
~Jatin