Q
Problem solve Get help with specific problems with your technologies, process and projects.

How to restrict users by plant in transaction code IW32

We are trying to restrict users by plant in transaction code IW32 and have this in the organization level. It is not working. I have looked at all the objects using SU24 and reviewing the access, but no luck. Where else can I look?
You should certainly use SAP's very robust authorization trace function in transaction ST01 to help you understand whether plant level security is available. My own rudimentary analysis suggests that if the maintenance plant is provided in the location tab in transaction IW32 then object I_SWERK, which includes maintenance plant, will be checked. This may require that you configure the transaction so that maintenance plant is a required field. If the authorization check is not invoked in a part of the process that is meaningful for your security objectives then consider using user exits. Look at the exits starting with CONF* in transaction SMOD and work with a developer and a functional PM expert to determine whether any of these are called in a way that will satisfy your security requirements.
This was last published in June 2006

Dig Deeper on SAP security administration

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchManufacturingERP

SearchOracle

SearchDataManagement

SearchAWS

SearchBusinessAnalytics

SearchCRM

SearchContentManagement

SearchFinancialApplications

Close