Hi @Abdullah2u ,
AAA on the Tacacs will work based on the server index over there on the WLC. Request will go to index 1 server if that didn’t respond or unreachable within the timeout configured for the server it will go to the secondary.
check the reachability of the primary server and shared secret of that server once.
If still issue is there , please share the output of debug aaa tacacs enable
Yes, server index 1 will be priority one and 2 will be priority two. Due to reachability, timeout and server index 1 down the AAA request will fall back to secondary.
For the shared secret key, you can get it from Cisco ACS/ISE, based on which is used for tacacs. Go to the network devices configuration on the ACS/ ISE, there you can find a option to view the secret key configured for this WLC.