Users logging in to 3Com switches authenticated by RADIUS not getting admin privileges, and no access available with the RADIUS service down

3com, ias-server, radius

Following the setup that I have for my Cisco devices, I got some basic level of functionality authenticating users that log in to 3Com switches against a RADIUS server. The problem is that I cannot get the user to obtain admin privileges. I'm using Microsoft's IAS service. According to the 3Com documentation, when configuring the access policy on IAS the value 010600000003 has to be used to specify the admin access level. That value has to be entered in the Dial-in profile section:

010600000003 - indicates admin privileges  
010600000002 - manager  
010600000001 - monitor  
010600000000 - visitor  

Here is the configuration on the switch:

radius scheme system  
 server-type standard  
 primary authentication XXX.XXX.XXX.XXX  
 accounting optional  
 key authentication XXXXXX  
 key accounting XXXXXX  
#  
domain system  
 scheme radius-scheme system  
#  
local-user admin  
 service-type ssh telnet terminal  
 level 3  
local-user manager  
 service-type ssh telnet terminal  
 level 2  
local-user monitor  
 service-type ssh telnet terminal  
 level 1  

The configuration is working with the IAS server, because I can see the user login events with the Event Viewer tool.

Here is the output of the DISPLAY RADIUS command at the switch:

 [4500]disp radius

------------------------------------------------------------------

SchemeName  =system                           Index=0    Type=standard  
Primary Auth IP  =XXX.XXX.XXX.XXX  Port=1645   State=active  
Primary Acct IP  =127.0.0.1        Port=1646   State=active  
Second  Auth IP  =0.0.0.0          Port=1812   State=block  
Second  Acct IP  =0.0.0.0          Port=1813   State=block  
Auth Server Encryption Key= XXXXXX  
Acct Server Encryption Key= XXXXXX  
Accounting method = optional  
TimeOutValue(in second)=3 RetryTimes=3 RealtimeACCT(in minute)=12  
Permitted send realtime PKT failed counts       =5  
Retry sending times of noresponse acct-stop-PKT =500  
Quiet-interval(min)                             =5  
Username format                                 =without-domain  
Data flow unit                                  =Byte  
Packet unit                                     =1  


------------------------------------------------------------------

Total 1 RADIUS scheme(s). 1 listed  

Here is the output of the DISPLAY DOMAIN and DISPLAY CONNECTION commands after users log into the switch:

[4500]display domain  
0  Domain = system  
   State = Active  
   RADIUS Scheme = system  
   Access-limit = Disable  
   Domain User Template:  
   Idle-cut = Disable  
   Self-service = Disable  
   Messenger Time = Disable  

Default Domain Name: system  
Total 1 domain(s).1 listed.  


[4500]display connection  
Index=0   ,Username=admin@system  
 IP=0.0.0.0  

Index=2   ,Username=user@system  
 IP=xxx.xxx.xxx.xxx  

 On Unit 1:Total 2 connections matched, 2 listed.  
 Total 2 connections matched, 2 listed.  
[4500]  

Here is the output of the DISPLAY RADIUS STATISTICS command:

[4500]  
%Apr  2 00:23:39:957 2000 4500 SHELL/5/LOGIN:- 1 - ecajigas(xxx.xxx.xxx.xxx) in unit1 login  
[4500]disp radius stat  
state statistic(total=1048):  
     DEAD=1046     AuthProc=0        AuthSucc=0  
AcctStart=0         RLTSend=0         RLTWait=2  
 AcctStop=0          OnLine=2            Stop=0  
 StateErr=0  

Received and Sent packets statistic:
Unit 1........................................
Sent PKT total  :4        Received PKT total:1  
Resend Times     Resend total  
1                1  
2                1  
Total            2  
RADIUS received packets statistic:  
Code= 2,Num=1       ,Err=0  
Code= 3,Num=0       ,Err=0  
Code= 5,Num=0       ,Err=0  
Code=11,Num=0       ,Err=0  

Running statistic:  
RADIUS received messages statistic:  
Normal auth request             , Num=1       , Err=0       , Succ=1  
EAP auth request                , Num=0       , Err=0       , Succ=0  
Account request                 , Num=1       , Err=0       , Succ=1  
Account off request             , Num=0       , Err=0       , Succ=0  
PKT auth timeout                , Num=0       , Err=0       , Succ=0  
PKT acct_timeout                , Num=3       , Err=1       , Succ=2  
Realtime Account timer          , Num=0       , Err=0       , Succ=0  
PKT response                    , Num=1       , Err=0       , Succ=1  
EAP reauth_request              , Num=0       , Err=0       , Succ=0  
PORTAL access                   , Num=0       , Err=0       , Succ=0  
Update ack                      , Num=0       , Err=0       , Succ=0  
PORTAL access ack               , Num=0       , Err=0       , Succ=0  
Session ctrl pkt                , Num=0       , Err=0       , Succ=0  
RADIUS sent messages statistic:  
Auth accept                     , Num=0  
Auth reject                     , Num=0  
EAP auth replying               , Num=0  
Account success                 , Num=0  
Account failure                 , Num=0  
Cut req                         , Num=0  
RecError_MSG_sum:0        SndMSG_Fail_sum :0  
Timer_Err       :0        Alloc_Mem_Err   :0  
State Mismatch  :0        Other_Error     :0  

No-response-acct-stop packet =0  
Discarded No-response-acct-stop packet for buffer overflow =0  

The other problem is that when the RADIUS server is not available I cannot log in to the switch. The switch has 3 local accounts, but none of them works. How can I configure the switch to use the local accounts when the RADIUS service is not available?
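The hex string the question quotes (010600000003) is a RADIUS vendor sub-attribute in TLV form: one byte of vendor-type (0x01), one byte of vendor-length (0x06, the length of the whole TLV) and a four-byte value that selects the access level. IAS places that TLV inside a Vendor-Specific attribute (type 26, RFC 2865 section 5.26) keyed by the vendor's enterprise number. The following Python is an added example, not code from the question or from 3Com: it encodes and decodes that attribute so a defender can check what a RADIUS policy actually sends. The vendor ID 43 (the IANA enterprise number registered to 3Com) and the sub-attribute type 1 are assumptions of this example; the level names come from the question's own table.

```python
import struct

ATTR_VENDOR_SPECIFIC = 26   # RFC 2865 section 5.26
VENDOR_ID_3COM = 43         # assumption: IANA enterprise number registered to 3Com
VENDOR_TYPE_ACCESS_LEVEL = 1  # assumption: vendor-type carrying the access level

# Level names as listed in the question (value -> name).
ACCESS_LEVELS = {0: "visitor", 1: "monitor", 2: "manager", 3: "admin"}


def encode_sub_attribute(level: int) -> bytes:
    """Build the vendor sub-attribute TLV: type(1) length(1) value(4)."""
    if level not in ACCESS_LEVELS:
        raise ValueError(f"unknown access level {level}")
    # vendor-length counts the whole TLV, so 1 + 1 + 4 = 6 bytes.
    return struct.pack("!BBI", VENDOR_TYPE_ACCESS_LEVEL, 6, level)


def encode_vsa(level: int, vendor_id: int = VENDOR_ID_3COM) -> bytes:
    """Wrap the sub-attribute in a complete Vendor-Specific attribute (type 26)."""
    sub = encode_sub_attribute(level)
    # attribute length = type(1) + length(1) + vendor-id(4) + sub-attribute bytes
    return struct.pack("!BBI", ATTR_VENDOR_SPECIFIC, 6 + len(sub), vendor_id) + sub


def decode_sub_attributes(payload: bytes):
    """Walk the vendor data and return a list of (vendor_type, value_bytes).

    Every length field is checked against the buffer so a truncated or
    inconsistent TLV is rejected instead of being silently mis-parsed.
    """
    pos, out = 0, []
    while pos < len(payload):
        if len(payload) - pos < 2:
            raise ValueError("truncated vendor sub-attribute header")
        vtype, vlen = payload[pos], payload[pos + 1]
        if vlen < 2 or pos + vlen > len(payload):
            raise ValueError(f"bad vendor-length {vlen} at offset {pos}")
        out.append((vtype, payload[pos + 2:pos + vlen]))
        pos += vlen
    return out


def decode_vsa(attr: bytes):
    """Parse a full attribute 26; return (vendor_id, [(vtype, value_bytes), ...])."""
    if len(attr) < 6:
        raise ValueError("attribute too short for a Vendor-Specific header")
    atype, alen, vendor_id = struct.unpack("!BBI", attr[:6])
    if atype != ATTR_VENDOR_SPECIFIC:
        raise ValueError(f"not a Vendor-Specific attribute (type {atype})")
    if alen != len(attr):
        raise ValueError(f"attribute length {alen} does not match {len(attr)} bytes")
    return vendor_id, decode_sub_attributes(attr[6:])


def access_level_from_hex(hex_string: str) -> str:
    """Map an IAS-style hex string such as 010600000003 to a level name."""
    for vtype, value in decode_sub_attributes(bytes.fromhex(hex_string)):
        if vtype == VENDOR_TYPE_ACCESS_LEVEL and len(value) == 4:
            level = struct.unpack("!I", value)[0]
            return ACCESS_LEVELS.get(level, f"unknown({level})")
    raise ValueError("no access-level sub-attribute found")


if __name__ == "__main__":
    for hx in ("010600000003", "010600000002", "010600000001", "010600000000"):
        print(hx, "->", access_level_from_hex(hx))
    print("full attribute 26 for admin:", encode_vsa(3).hex())
```

If the switch logs the user in but leaves them at a low level, the usual cause is that IAS sent the TLV under the wrong vendor ID, as a string instead of raw hex, or with a length byte that does not match: `decode_vsa` over a capture of the Access-Accept makes all three visible.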

Best Answer

We can log in to the 3Com 45s and 55s using SSH and RADIUS authentication; it is a bit of a pain to set up with IAS, though.

RADIUS authentication with local failover

Here is the configuration that works on the SW5500.

 sysname 5500-SI
#
 password-control length 4
 password-control history 2
 password-control login-attempt 3 exceed lock-time 120
#
 super password level 3 simple password
#
 local-server nas-ip 127.0.0.1 key 3com
#
 domain default enable 3comdevicelogin
#
 dot1x
 dot1x timer tx-period 10
 dot1x timer handshake-period 1024
 dot1x authentication-method eap
#
radius scheme system
#
radius scheme 3comapsc
 server-type standard
 primary authentication 152.67.101.23
 accounting optional
 key authentication radius
 user-name-format without-domain
 nas-ip 152.67.101.54
#
radius scheme 3ComDeviceLogin
 server-type extended
 primary authentication 152.67.101.39
 accounting optional
 key authentication radius
 user-name-format without-domain
 nas-ip 152.67.101.54
#
domain 3comdevicelogin
 scheme radius-scheme 3ComDeviceLogin local
domain apsc
 scheme radius-scheme 3comapsc
domain system
#
local-user admin
 service-type ssh telnet terminal
 level 3
 password-control aging 90
local-user manager
 service-type ssh telnet terminal
 level 2
local-user monitor
 service-type ssh telnet terminal
 level 1
#
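The line that answers the second half of the question is `scheme radius-scheme 3ComDeviceLogin local`: the trailing `local` names the local-user database as the backup method. The Python below is an added model of that AAA decision, not code from the answer or from 3Com. Its assumption (taken from the Comware-style behaviour of this command) is that the local database is consulted only when the RADIUS server gives no response; an explicit Access-Reject is still a reject, so a wrong password cannot be turned into a local-only login. Without `local`, which is the question's `scheme radius-scheme system`, an unreachable server denies everyone. The local-user table and passwords are constructed for the example; the level numbers mirror the `local-user` entries in the answer.

```python
from enum import Enum


class RadiusResult(Enum):
    ACCEPT = "Access-Accept"
    REJECT = "Access-Reject"
    NO_RESPONSE = "no response after all retries"


# Constructed local-user table: name -> (password, level), levels as in the answer.
LOCAL_USERS = {
    "admin": ("admin-example-pw", 3),
    "manager": ("manager-example-pw", 2),
    "monitor": ("monitor-example-pw", 1),
}


def local_auth(user: str, password: str):
    """Return the local level for a valid credential, else None."""
    entry = LOCAL_USERS.get(user)
    if entry is not None and entry[0] == password:
        return entry[1]
    return None


def aaa_login(user: str, password: str, radius_result: RadiusResult,
              radius_level=None, local_fallback: bool = False):
    """Model `scheme radius-scheme <name>` with or without the `local` backup.

    Returns (granted, level, source).  radius_level is the level carried by
    the server's vendor attribute on an Access-Accept (None if it sent none).
    """
    if radius_result is RadiusResult.ACCEPT:
        return True, radius_level, "radius"
    if radius_result is RadiusResult.REJECT:
        # Assumption: a reject never falls through to local authentication.
        return False, None, "radius"
    # RADIUS unreachable: only the `local` backup method can still admit anyone.
    if not local_fallback:
        return False, None, "radius-unreachable"
    level = local_auth(user, password)
    return level is not None, level, "local"


if __name__ == "__main__":
    # The question's setup: no `local`, server down -> nobody gets in.
    print(aaa_login("admin", "admin-example-pw", RadiusResult.NO_RESPONSE))
    # The answer's setup: `local` backup admits the local admin when RADIUS is down.
    print(aaa_login("admin", "admin-example-pw", RadiusResult.NO_RESPONSE, local_fallback=True))
    # A reject stays a reject even with `local` configured.
    print(aaa_login("admin", "admin-example-pw", RadiusResult.REJECT, local_fallback=True))
```

Two checks worth running against a real switch after applying the answer's config: pull the server's cable (or block UDP 1812/1645) and confirm the local admin can still log in, then restore it and confirm a deliberately wrong password is refused rather than retried locally.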