Showing results for 
Search instead for 
Did you mean: 
Rising star
Rising star


Why MLA?


  • From my experience in Cisco TAC, I have had numerous customers open TAC case  to achieve Multi-Level Access on Unity i.e System Administration Page(SA Webpage  as we call it in TAC).
  • MLA on Unity is required to reduce administrative overhead or is used in  managed services, as in a Partner installs Cisco Unity, however does not want to  grant full access to the end-customer.
  • Another reason for implementing MLA could be backup Admin account to access  the Unity server Admin page to allow Administrator's backup to make changes and  to reset passwords when Administrator is away from the office.
  • There could be a lot of reasons for implementing MLA and this document is to  help you configure MLA on Cisco Unity and also mentions a couple of known issues  with MLA.


Configuring MLA for accounts which are Cisco Unity  Subscribers


  1. Log into Cisco Unity with an account which has access to Cisco Unity SA  page, typically its either Administrator or unityinstall account.
  2. Once SA page is up, browse to the Class of Service Section.
  3. Create a new Class of Service.
  4. Under system access, check the box Cisco Unity Adminstrator Application  access(This would allow you to modify the options, now check boxes that you  want).
  5. Save the options.
  6. Go to a subscriber whom you want to give these rights.
  7. Select the class of service option for this subscriber and assign the new  COS you just created above.


Configuring MLA for accounts which are not Cisco Unity  Subscribers


  1. Follow steps 1 to 5 above.
  2. Go to a subscriber which will be used for associating the non-subscriber  account.
  3. Select the class of service option for this subscriber and assign the new  COS you just created above.
  4. Now to provide access to the account make use of GrantUnityAccess tool  available in Cisco Unity Tools Depot.
  5. Go to Cisco Unity Tools Depot >> Diagnostic Tools >> Select  GrantUnityAccess



GrantUnityAccess {-u [<domain>\]<alias> | -n <User>[/Cert Authority]} 
                  -s <unity subscriber alias> [-d]
or, GrantUnityAccess -l


   -u     NT Username
   -n     Lotus Notes Full Name (for Domino integrations)
   -s     Subscriber Alias
   -l     List associations that have been made by this tool
   -d     Delete association that was created by this tool

Example 1: To associate the NT4 user NT4DOMAIN\Administrator with Unity  subscriber 'jdoe'

GrantUnityAccess -u NT4DOMAIN\Administrator -s jdoe


Example 2: To undo the association created in Example1, type:

GrantUnityAccess -u NT4DOMAIN\Administrator -s jdoe -d


Example 3: To associate the Lotus Notes user 'Jane Smith' with the Unity  subscriber 'jdoe'

GrantUnityAccess -n "Jane Smith" -s jdoe

Note:- Assuming jdoe is the subscriber in Cisco Unity which will  be associated with the non-subscriber account and has COS which was created  above.



Known Caveats


CSCsu24205 - COS with only read Subscribers  access able to edit entries like transfer


CSCsi34793 - SA:Read Only access to SA can  still see some options


Use the Bug Tool Kit to view the defects

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: