06-17-2010 8:35 PM
HI, I need restrict teh access to transaction IQ02 (with role) to level of "Plant" (SerData), but this transaction only restrict maintenance plant and planning plant.
1) A new authorization object has been created, for this field name (B_WERK)
2) The IQ02 transaction has been changed for check this new object
3) The rol has been changed and contains this authorization object.
but the transaction doesn't consider this check...I can change the serial number of all plants.
Somebody know how restrict this?
Regards
ClaDiCa
06-17-2010 8:53 PM
Hi,
when you have created custom auth object,did you link the custom object to transaction
and in transaction did you change the custom auth object to "check maintain" i.e in Su24.
And in the program, ask developer to maintain authority check statement for this custom auth object
And in the role did you add the tcode in menu tab then click on auth tab ->export mode->read old status & merge with new data.
custome object gets pulled into the role.
generate the role do the user comparsion.
Thanks,
Sri