https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670181#M1868012 <HTML><HEAD></HEAD><BODY><P>is the authorization object being checked in the program, does it show up in the trace.</P></BODY></HTML> Wed, 29 Oct 2014 12:54:36 GMT Former Member 2014-10-29T12:54:36Z https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670180#M1868011 <HTML><HEAD></HEAD><BODY><P>I created<SPAN style="color: #333333; font-family: 'Arial','sans-serif'; font-size: 9pt;"> a customized t-code for which the restriction needs to be set at company code level. The t-code calls the SAP standard program. For setting the<BR />company code restriction, a new authorization object was created and mapped to t-code. We created company code specific roles and provide required<BR />authorizations but still not able to restrict at company code level. Please provide your inputs.</SPAN></P></BODY></HTML> Wed, 29 Oct 2014 12:48:58 GMT https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670180#M1868011 sumitdua 2014-10-29T12:48:58Z https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670181#M1868012 <HTML><HEAD></HEAD><BODY><P>is the authorization object being checked in the program, does it show up in the trace.</P></BODY></HTML> Wed, 29 Oct 2014 12:54:36 GMT https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670181#M1868012 Former Member 2014-10-29T12:54:36Z https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670182#M1868013 <HTML><HEAD></HEAD><BODY><P>no.. its not included in the program</P></BODY></HTML> Thu, 30 Oct 2014 09:02:11 GMT https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670182#M1868013 sumitdua 2014-10-30T09:02:11Z https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670183#M1868014 <HTML><HEAD></HEAD><BODY><P>Hi SD,</P><P>For a standard SAP Program, run the transaction and do an authority trace to find out which authorization objects are touched. You may find the one that gives you what you need. Alternatively, there may be user exits available to add your own authority checks. Please check once.</P><P><BR />Regards,</P><P>Salil B</P></BODY></HTML> Thu, 30 Oct 2014 09:15:20 GMT https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670183#M1868014 Former Member 2014-10-30T09:15:20Z https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670184#M1868015 <HTML><HEAD></HEAD><BODY><P>So you added a new authorization ,object to a customer transaction which call a standard program,</P><P></P><P>The only check you actually added is executed at initial call of transaction (does user get some authority on this object, read SE93 help for the field authorization object) Then the standard program will behave as previously, so if user change company code, no additional check will be performed...</P><P></P><P>Look for Customer-exit or BAdI in the program, or for implicit enhancement spot available in the PAI of the screen where company code is input, and add your authority-check. You could also try to create transaction variant(s) with company code already provided (or come from a transaction with parameter) an not changeable.</P><P></P><P>Regards,</P><P>Raymond</P></BODY></HTML> Thu, 30 Oct 2014 09:41:19 GMT https://community.sap.com/t5/application-development-and-automation-discussions/customized-t-code/m-p/10670184#M1868015 RaymondGiuseppi 2014-10-30T09:41:19Z