I would (cost permitting) keep them separate.
The demands of each are quite different, but 802.1x is a complex and often "cutting edge" (read flakey) protocol, or rather the sub-protocols being constantly developed inside it.
Not only that but typically there are many more network "end users" than admins. This puts the ACSs under more strain. If you're going to get problems with resiliance its here.
I've seen one Aironet AP gone mad bring down both primary and secondary ACSs before.
So if you can afford it, I would always put admins on their own ACS.