Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Cisco Unity Connection: Give a User Permissions to use RTMT

Hello Cisco Support Community,


i'm searching for a way to give a user the permission to use the Real-Time Monitoring Tool.

i tried to give the user the same roles as my default admin acount has (Audit Administrator and System Administrator).

now the user can do all the admin tasks, but when he starts rtmt it gives me: "Access forbidden"

any ideas?


i tried it with CUC 9.1(2)SU1

Everyone's tags (2)
New Member

Hi,Try to add this Role in


Try to add this Role in the Application User or End User:

The user can access to the admin page of cucm but only with read permission and he can access to the RTMT.



New Member

hello romeo,thanks for the

hello romeo,

thanks for the answer, but this does not work in unity connection.

New Member

OK, that is for CUCM. So

OK, that is for CUCM. So sorry.



Hello r.rung,On "searching

Hello r.rung,

On "searching for a way to give a user" do you mean a mailbox user or an admin user?

If you just try with the System Administrator role do you get the same message?

Are you using an RTMT (Real Time Monitoring Tool) version downloaded from the CUC admin page or are you attempting with the RTMT donwloaded from CUCM?

If you CUC is a cluster have you tried logging into the other node?


Have you tried re-installing rtmt?





New Member

Hello davrojas, thanks for

Hello davrojas,


thanks for the answer.

basically i wanted to give a mailbox user the right to start rtmt. but for you i tested both:

1. an LDAP Imported mailbox user with the Role "System Administrator"

2. an LDAP Imported admin user with the Role "System Administrator"

3. an AXL-Imported mailbox user with the Role "System Administrator"

all 3 are giving me: Access forbidden. Forbidden

If i type in a different password i get another error, so the authentication works correct.

i tried reinstalling RTMT and the same RTMT works fine for the default admin user which i created in the installation phase.

just to give you an idea why i want to do this: i want to enable Single Singn on for RTMT for Unity Connection. and when i enabled it i need the Permission for an LDAP User because there is no way to enter credentials any more after that.


Hello r.rung,Unfortunately i

Hello r.rung,

Unfortunately i must say this is a bottleneck type of situation and expected as this uses the OS admin account. You can only have one OS admin account and several application admin users, you cannot create other separate OS admin accounts.




New Member

ok, so this means:Basically

ok, so this means:

Basically Single Sign on for RTMT Tool is a supported Feature for Unity Connection, but you can't really use it because there is no way to give an ldap user the permission to use RTMT, right?


Hello r.rung, Based on the

Hello r.rung,


Based on the following link:



Cisco Unity Connection 8.6 and later versions support the single sign-on feature that allows end users to log in once and gain access to use the following Cisco Unity Connection applications without signing on again:

Cisco Personal Communications Assistant

Web Inbox

Cisco Unity Connection Administration

Cisco Unity Connection Serviceability



Where exactly did you read it was supported for RTMT (Real Time Monitoring Tool) ?

New Member

ohh your right.i'm sorry.

ohh your right.

i'm sorry. just the availability of the option to enable sso for rtmt is no indication that this is really supported. my mistake...


Hello r.rung, The option to

Hello r.rung,


The option to enable sso depends on the version of RTMT (Real Time Monitoring Tool) and the Application you are using it for as well.


On the guide below for RTMT version 9.0.1 you will see it is supported for IM and Presence server, but nowhere is CUC mentioned.


Cisco Unified Real-Time Monitoring Tool Administration Guide, Release 9.0(1)


So i think we can wrap this one up  :)

 Hi Try to create an




Try to create an additional user in CUC CLI using set account command with the privilege 0 or 1, I hope it may workout.

New Member

i tried it with the set

i tried it with the set account cli command, but it gives me: Access is denied, please make sure user name and password ... are correct.

because you can't use an os account for RTMT...

CreatePlease to create content