cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

VL02N - Security around Outbound Delivery

Former Member

on ‎04-01-2016 8:23 PM

0 Kudos

Hello Gurus,

I have a situation, where one of the user been able to change/update the Outbound delivery for other location or plant.

Here is the situation :

User A is located in North America and he has been assigned with North America plants/CC/Shipping points.

We had been reported that User A updated Outbound deliver "12345678" which belongs to Indian plant. We checked and found that roles are already restricted at shipping point, plant and company code level. And at Org level he didn't have Indian plant at all. But still he "User A" were able to update deliver which belongs to Indian plant.

I understand that, Each delivery been assigned to respective plant and all data stored at LIKP table.

My question is, there is any way to have restriction around this and prevent user not to perfom such acivity in SAP system if they don't have plant number been assigned at org level.

Regards,

Kumar

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Bernhard_SAP
Employee
Employee
‎04-04-2016 7:25 AM
0 Kudos

moved to Logistics.

Show replies
Show replies
Former Member
‎04-04-2016 2:31 PM
0 Kudos

Thanks Bernhard!!

Is that mean, if user has access to VL02N then they can update/change any outbound delivery.

We as a Security Consultant do not have any control to prevent such incident?

Not sure Logistic team will answer this question or not, I believe this has to be handle by security group.

Anyways Many thanks !!

JL23
Active Contributor
‎04-12-2016 12:24 AM
0 Kudos

As you can read in KBA 1794615 - Logistics Execution Authorization V_LIKP_VST there are a lot standard messages that will prevent changing a delivery if the authorization is not given.

From this point of view you have to recheck your authorization setup for this user.

Eventually it could help to know what field was actually changed, maybe the change is coming from a different transaction/process

michael_kozlowski
Active Contributor
‎04-03-2016 10:14 AM
0 Kudos

Plant is not scope of authorization check in VL02N. Only authorization object V_LIKP_VST Delivery: Authorization for Shipping Points is checked.

Show replies
Show replies
Former Member
‎04-04-2016 2:16 PM
0 Kudos

Thanks Mike for your response!!

However question will remain same, how come User located or authorized for North America can update or change outbound deliver which belongs to Indian or any Non North America geography.

Transaction Code : VL02N

** Note he is been authorized only North America Shipping Point/Plant/CC.

Regards,

Manish

Ask a Question