cancel
Showing results for 
Search instead for 
Did you mean: 

SD Authorisation

Former Member
0 Kudos

Hi,

I need to restrict the access to VA01, VA02, VA03 and VA05 depending on VKBUR and VKGRP. Is it possible? Do I need to modify any user-exit?

Thanks in advance,

Ricard.

Accepted Solutions (1)

Accepted Solutions (1)

Lakshmipathi
Active Contributor
0 Kudos

This can be achieved via PFCG where you create a role considering those objects and assign the role to the selected users. Take the help of BASIS team if you are not familiar with this TCode

thanks

G. Lakshmipathi

Answers (1)

Answers (1)

Former Member
0 Kudos

Hello Lakshmipathi,

Thanks for the reply.

Sorry, my question needs more detail:

I have created an authorization object with the following fields:

u2022 VKBUR

u2022 VKGRP

I have assigned the authorization object to a role with VKBUR = 0001 and VKGRP = 002. This role has been assigned to several users.

Now I need to add the authority check somewhere in order to restrict VA01, VA02, VA03, VA05 transactions. In other words, only the users must have access to documents with the VKBUR = 0001 and VKGRP = 002 (depending on the values of the new authorization object for each role).

Thanks in advance,

Ricard.

Former Member
0 Kudos

Yes - you will need to add code to a number of the userexits - - mianly in MV45AFZZ:

USEREXIT_READ_DOCUMENT (for display)

USEREXIT_SAVE_DOCUMENT_PREPARE (for create/change)