Thank you for the details on the bug find!! I had the same issue and was able to resolve by adding the virtual domain attribute and then removing it. Funny how it doesn't even work with that attribute set, but you need to do it to get the rest working.
Thx Heaps for your comment. I was fiddling around with the attributes for about 4 hours before I found this post. I followed your tip and it worked perfectly! Now I've got to do the same for the WLCs!
"If you move this rule up it will work, i got around having to move it by excluding WCS as i stating in my earlier post"
I got TACACS on WLC tpo work but only by moving it up to the top. However when I do this it breaks TACACS for my switches, firewalls e.t.c. Can you elaborate on how you got it to work by "exluding the WCS" ?
I had this same issue with WCS 188.8.131.52 and ACS 184.108.40.206.3, added task41=Virtual Domain Management but
had to leave it there for Lobby access to work.
Is there a Cisco Bug id for this?
So WCS 220.127.116.11 has been out awhile, have there been any improvements for using WCS 7.x with ACS 5.2 ? Or do I still need to setup all these taskx= in the ACS server?
CSCsy77385 TACACS and RADIUS custom attribute for Virtual Domain not documented
CSCtc20592 AW: TACACS AAA failing, TACACS users not in Virtual Domain
Documentation does not detail how to add a TACACS+ user into the virtual domain.