Well this was a bone head thing to do I guess, although it seemed very easy to do so maybe Cisco has to look into how it does virtual domains.
Anyway, I have TACACS setup on an ACS server, and have been using it to login to the WCS for quite some time now. I upgraded to 5.2 and checked the tasks for TACACS and copied and pasted them into the ACS server and all was fine. It wasn't until I started enabling virtual domains that I ran into an issue. Right after I enabled VD's I logged out and could not log back in. It is giving me an error saying the user does not belong to any virtual domains.
I checked the docs and it does not mention the exact role or task that needs to be added to ACS in order to get this to work, all it says is to copy and paste the tasks from the TACACS list and the Radius list.
The only thing I have not done is copy the Radius stuff because I thought you only used that if you used Radius as the authentication protocol to manage the WCS, which I do not, I use TACACS.
Right now the only thing I can think of is disconnecting the Ethernet cable and logging in from the WCS server itself so it defaults to the local db for authentication when TACACS is down. This is assuming the root user does not get denied as well.
Anyone have a better idea or have the roles or tasks needed to enter into the ACS server?