Dear Martin,

I will try to answer your questions to the best of my ability.

You can start by trying out the USER VARIANT for customizing.

Please kindly review on this note

621927 Authorization for creation of Support Messages

There are several possibilities to limit the access to service desk

messages.

Within the standard role SAP_SUPPDESK_PROCESS e.g. the authorization

objects CRM_ORD_LP and/or CRM_ORD_OE could be used to restrict the

access dependant on the organizational data.

Another possoibility would be to define specific variants for the

transaction CRM_DNO_MONITOR. If parameter transactions for the

different attributes are set maybe the access to these variants could be

limited.

Further method CRM_ORDER_ADD_AUTH_CHECK of BAdI CRM_ORDER_AUTH_CHECK can

be used to add additional authorization checks for the the business

transaction. Further information about this BAdI is to find in the documentation to this BAdI.

Hopefully the above information helps.

Regards

Amit