We have ACS 3.3 and planned to upgrade to 4.2 - however when we installed 4.2 on our test system we found that an extra field was required in the TACACS set up for switches - within Network Configuration -> Network Device Groups -> AAA setup, there is a shared secret.
None of our (1500+) switches have had a share secret on them before for TACACS, so my question is what is the best approach to upgrade to 4.2.
If we install 4.2 first then we lose TACACS to all the switches until we have added a shared secret to the switches. If we add the shared secret TACACS+ fails.
We have Cisco LMS - so if we need to add the shared ket to the switches then we can do it via LMS - but we cannot afford to lose access to the switches as these are used 24 x 7.
BTW in case you are wondering about the number of switches - we are a retail company with 153 stores across the UK and each store has a minimum of three switches.....