hi @marce1000 

The AP running in flex connect so when WLC-1 down then the AP connect to WLC-2 this make the AP broadcast different SSID.

WLC-1 and WLC-2 have different SSID due serving for different branch,

What i want is the AP keep not connect to WLC-2 since in flex connect mode the AP can operate normally.

  - @hs08                       Those are certainly valid remarks, in the future provide them in the initial post too!
                       So make sure no N+1 settings are provided for high availability to make the
                      AP always remain on the same controller (since you are using different SSID's)
                      + Use DHCP with option 43 to  let the AP find it's controller, do not use
                           static IP's for APs, because then when the controller becomes unavailable they may
                           switch to DHCP and start looking for a controller...!

  M.

hi @Saikat Nandy 

The AP installed in branch and WLC on datacenter. WLC1 will serving for branch1 and WLC2 for branch2

There are 5 possible ways an AP can use to discover a controller - 
1. Broadcast
2. Option 43
3. DNS
4. Manual Priming
5. Previously remembered WLC details.
Based on your info, it looks like that you are using No 4. Now if those 25 APs have joined to WLC2 sometime in the history, then it's already have that info in the flash memory - which also means No 5 will come into picture. In other words, when WLC1 is down, APs will start the WLC hunting process. Using No 5 it will get the details of WLC2 and can join to WLC2 ====> This is one probable scenario/explanation. So now the question comes, how you can tell those 25APs to forget the details of WLC2? The answer is you will have to remove the capwap config, either through AP CLI or or you can do factory reset as well.
There can an another scenario, where you have defined Backup Primary WLC details in WLC1 with the records of WLC2. Note, manual priming aka AP specific configuration is having the highest priority among all the discovery mechanisms out there and it can override your global configuration (the one you do under Backup Primary).

Despite of explaining the scenario, I am still not convinced or not able to understand why you don't want the APs to join WLC2 when WLC1 is down..!!! I see you have mentioned about different SSID config. Why don't you keep the same configuration in both the controllers? Use AP group and flexconnect group to filter out which SSID will be broadcasted by the WLC1 side APs and what is needed on WLC2 side APs. I am assuming you might be having some dot1x SSID and that is Central Auth/Local Switching. If my assumption is true, then the amount of time those 25 APs will be in a 'no man's land', during that time new user auth is not going to happen and as a result new clients won't be able to connect at all.