TACACS service logs in tracker as success when doing AAA test server against it, but actual attempted authentication fails with this in the controller's log (and no Access Tracker entry):
Sep 25 19:06:27 :124004: <DBUG> |authmgr| RX (sock) message of type 10, len 324
Sep 25 19:06:27 :124004: <DBUG> |authmgr| aal_authenticate user:khall vpnflags:0
Sep 25 19:06:27 :124004: <DBUG> |authmgr| unknown user=192.168.1.119, method=Management
Sep 25 19:06:27 :124004: <DBUG> |authmgr| aal_authenticate server_group:default
Sep 25 19:06:27 :124004: <DBUG> |authmgr| Select server for method=Management, user=khall, essid=<>, server-group=clearpass-TACACS-srvr-gp, last_srv <>
Sep 25 19:06:27 :124004: <DBUG> |authmgr| server=clearpass, ena=1, ins=1 (1)
Sep 25 19:06:27 :124038: <INFO> |authmgr| Selected server clearpass for method=Management; user=khall, essid=<>, domain=<>, server-group=clearpass-TACACS-srvr-gp
Sep 25 19:06:27 :199802: <ERRS> |authmgr| tacplus.c, tacplus_api:49: Invalid authentication protocol for TACACS+
Sep 25 19:06:27 :124066: <INFO> |authmgr| Administrative User Authentication Successful: username=khall IP=192.168.1.119 auth server=clearpass
Sep 25 19:06:27 :124003: <INFO> |authmgr| Authentication result=(null)(-1), method=Management, server=clearpass, user=192.168.1.119
Sep 25 19:06:27 :124004: <DBUG> |authmgr| Auth server 'clearpass' response=-1
Sep 25 19:06:27 :125027: <DBUG> |aaa| mgmt-auth: khall, failure, , 0
Sep 25 19:06:27 :125022: <WARN> |aaa| Authentication failed for User khall, Logged in from 192.168.1.119 port 56645, Connecting to 192.168.1.2 port 4343 connection type HTTPS
It says it's successful @ "Sep 25 19:06:27 :124066" but then gives "Authentication result=(null)(-1)" which ultimately results in fail. Any ideas?!?