I have configured an ACS (v4.2) & a WLC 4402 (188.8.131.52) according to the document listed at: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml
When I attempt to authenticate a user in the ACS local user database, I receive an auth failure. I have enabled debugging in the WLC's CLI and I see that I get an authentication failure from the ACS. Upon reviewing the ACS's 'failed attempts' log, I see the username I attempt to authenticare with but it reports 'CN user unknown' even though this user is the local database.
During troubleshooting, I discovered that if I modify the AAA client for the WLC and change it to 'Cisco Aironet' rather than 'Cisco Airespace', authentication works perfectly, the proper user is authenticated to the local database and I am able to connect to the SSID. The only issue is that because I'm now using Aironet instead of Airespace, the IETF attributes 064, 065, and 081 (VLAN, 802, and the VLAN ID respectively) do not properly assign the VLAN that the user needs to be on.
Am I missing something?