Hi,
I am a bit confused with the topology of yours.This is what i understand:
You have two ACS appliances running ACS 4.2. They are configured in replication and fallback in the wireless network.
The authentication is to happen via the AD. so the ACS Appliances are to talk to AD for authentication.
The issue you faced last time while testing the fallback was the users did not authenticate at all despite the primary was down and secondary up. Please correct me if i am wrong.
Question for you is how did you stop the services of the primary appliance?
fallback will happen when the primary is down i.e. not reachable and the request will then be forwarded to the secondary ACS. It should work if the wlc is configured with primary and secondary authentication server in your wlc.
Please check if the authentication servers are defined in your WLC i.e. Wlan > edit > security > AAA server.
Regards,
Anisha
P.S.: please mark this link as answered if you feel your query was answered.