Skip to Content
author's profile photo Former Member
Former Member

RESPAREA's effects on obsolete auth objects

Hello all,

I was asked a question by a client and couldn't provide a definitive answer.

They are implementing RESPAREA for hierarchies as an organisational level. There are various notes on this that they have implemented.

The potential problem, leaving the now obsolete auth objects for cost centre with *'s in the fields leaves the security open for any tcodes that for some reason do not check for RESPAREA.

Question 1. Does anyone know of any tcodes that may cause a problem here (ie, will grant unrestricted access to cost centres rather than checking the RESPAREA restriction)?

Question 2. There are many auth objects for cost centres. If I perform a lookup on all auth objects with field KOSTL, will I capture all auth objects that we can put *'s in the KOSTL field, or are there more/less?

Add comment
10|10000 characters needed characters exceeded

1 Answer

  • author's profile photo Former Member
    Former Member
    Posted on Aug 03, 2006 at 09:38 PM

    A lot of roles can be effected by this change yes, but it seems to me that you already know this and the customer has already implemented the solution.

    1. No. If anything, the access will be more restrictive than before.

    2. KOSTL has nothing to do with RESPAREA. This is two different fields. By making RESPAREA as an organizational level, you do not change anything in KOSTL.

    Check table KBEROBJ. In there you can see what objects are effected.

    Add comment
    10|10000 characters needed characters exceeded