A nice little command to test the AAA server will authenticate your users correctly (also works with PIX and FWSM).

The sytax is like this:

m00nies_ASA# test aaa-server [authentication|authorization] <aaa_server_group> [host <name>|<host_ip>] username <user> password <pass>

If the authentication is successful you'll get- INFO: Authentication Successful
If the authentication fails you'll get- ERROR: Authentication Rejected: Unspecified

A example of a test failure:

m00nies_ASA# test aaa-server authentication CSM-tac-grp username m00nie pass 123abc
Server IP Address or name: 10.0.0.2
INFO: Attempting Authentication test to IP address <10.0.0.2> (timeout: 12 seconds)
ERROR: Authentication Rejected: Unspecified

An example of a successful test :) :

m00nies_ASA# test aaa-server authentication CSM-tac-grp username m00nie pass 456def
Server IP Address or name: 10.0.0.2
INFO: Attempting Authentication test to IP address <10.0.0.2> (timeout: 12 seconds)
INFO: Authentication Successful

Enjoy :)