We have a number of 5508 WLCs running 22.214.171.124 code where we authenticate the management user against Cisco ACS 5.3 using TACACS+
If you attempt to login either via the web or via SSH the first attempt fails, but the second is successful.
ACS shows both authentication attempts as succeeding.
The WLC shows the first attempt as failing "AAA Authentication Failure for UserName:manager User Type: WLAN USER"
However, the second attempt is shown as successful "AAA Authentication Success for UserName:manager User Type: MGMT USER(READ WRITE)"
Can anyone shed any light as to why the first login attempt is WLAN USER? I cannot see anything in the configuration that would cause this. Management user priority is set to TACACS first, Local second.