Skip to Content
author's profile photo Former Member
Former Member

Issue with Transaction code VA88

Dear All,

We have role with Transaction Code VA88

The transaction code VA88 is used to reverse document. A user from a different company code was able to change the sales order of a different company code.

When checked in i see that the Transaction Code VA88 uses "Sales Organization" field for generating output.

I see from SU24 that there is no Authorization Object set to check/restrict Sales Organization. This results in any user from any sales organization can reverse document for any salers organization.

I have added the Authorization Objects V_KNA1_VKO and V_VBAK_VKO in SU24 for Transaction code VA88 and set the restrication of Sales Organization in Org.Levels. However, though restricting the Sales Organization this transaction allows access to other other Sales Organization.

Please advice

Regards

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • author's profile photo Former Member
    Former Member
    Posted on Sep 08, 2011 at 12:37 PM

    Sumanth,

    VA88 checks only for the authorization object K_VRGNG. Changing the check proposal for V_KNA1_VKO and V_VBAK_VKO will not solve your purpose, since the program associated with VA88 doesn't have a valid check on these objects.

    If you wish to enable the authorization check on these objects, talk to your development team to have an authority check statement included on them.

    But, my advise is to discuss with the Line of business to discuss on the impact on doing this restriction.

    Regards,

    Raghu

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Sep 09, 2011 at 02:11 PM

    Hi

    You can use tthe user exist EXIT_SAPLKOBS_001 and ABAP Devlopment team inster the Authority-check statement with the object you wanted to check.

    Regards

    Vikas

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.