07-30-2010 9:28 PM
Greetings,
I am currently attempting to restrict the t-code VDH1N as there is a request to restrict the Customer Hierarchy Type within the transaction code. I have executed VDH1N and analyzed the ST01 trace results and found no authorization objects which relate to this field within the t-code.
SAP simply checks for the following objects the way the system is currently configured: S_TCODE (standard check), S_PROJECT, and V_KNA1_VKO. I then resorted to checking SU24 to see whether any of the objects relate to Customer Hierarchy Type and here is what I found (none seem to relate to this field):
S_ADMI_FCD System Authorizations
S_DATASET Authorization for file access
S_DEVELOP ABAP Workbench
S_DOKU_AUT SE61 Documentation Maintenance Authorization
S_GUI Authorization for GUI activities
S_PRO_AUTH IMG: New authorizations for projects
S_PROJECT Project Management: Project authorization
S_RFC Authorization Check for RFC Access
S_TCODE Transaction Code Check at Transaction Start
S_TRANSLAT Translation environment authorization object
V_KNA1_VKO Customer: Authorization for Sales Organizations
I performed a search on this forum and there is no mention of t-code VDH1N either. Can anyone suggest any possibilities to restrict this field using standard authorization objects?
Thanks and Kind Regards.
07-30-2010 10:38 PM
Hi,
I quickly checked the code and it looks like there is no check for Customer Hierarchy Type. You need to go with custom object. There is a routine check_authority where all authorization checks for sales. org.,distr. channel and division are performed. It looks like a good spot to add custom authorization check. You can easily enhance it using one of twi implicit enhancement points: start and end of routine.
Cheers
07-30-2010 10:38 PM
Hi,
I quickly checked the code and it looks like there is no check for Customer Hierarchy Type. You need to go with custom object. There is a routine check_authority where all authorization checks for sales. org.,distr. channel and division are performed. It looks like a good spot to add custom authorization check. You can easily enhance it using one of twi implicit enhancement points: start and end of routine.
Cheers
07-30-2010 11:52 PM
Hello Martin,
Thank you for the informative reply. I sort of suspected this as I could not find an authorization object relating to this field. I will get back and let the requester know that an enhancement will be required if restriction is required at this level.
07-19-2011 11:22 PM
Hi Benjamin,
Did you end up creating a custom Authorization Object to check for Customer Hierarchy Type? I didn't find any Authorization Objects for Customer Hierarchy. If yes, which user exit did you use to call the custom Authorization Object?
Thank you,
Chuck