Symptom
You have restricted a user's read/write access for Accounts to certain companies (accounts), but the user can still access Accounts for which he/she has no access rights.
Environment
SAP Business ByDesign
Reproducing the Issue
- Go to the Application and User Management work center -> Business Users view.
- Select the user and choose Edit Access Rights.
- Navigate to the Access Restrictions tab.
- Access is restricted for the Account work center view to certain companies (accounts).
- Log in to the system with the user ID.
- The user can access a company (account) to which he/she has no access.
Cause
This behavior occurs because the access restriction is set with Access Context 1010 – Employee. Access Context 1010 enforces restrictions based solely on the Employee Responsible field. Organizational or company assignments, even if they exist, are not considered in this access context. Hence, if no Employee Responsible is maintained for the company (account), the system treats the record as unrestricted for users with Access Context 1010 and allows them to access it.
Resolution
You need to maintain the Employee Responsible for the company (account).
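The following check is an added example, not SAP code: it takes an account list exported from the system and reports which accounts have no Employee Responsible and are therefore visible to every user restricted by Employee. The column names, the sample rows and the set of permitted employees are constructed assumptions, and the classification is a simplified model of the behavior described under Cause.

```python
import csv
import io

# Constructed sample export. Column names are assumptions, not SAP field names.
SAMPLE_EXPORT = """account_id,account_name,employee_responsible
1001,Alpha GmbH,E100
1002,Beta Ltd,
1003,Gamma Inc,E200
1004,Delta SA,
"""


def load_accounts(text):
    """Parse the export; a blank Employee Responsible becomes None."""
    accounts = []
    for row in csv.DictReader(io.StringIO(text)):
        responsible = (row["employee_responsible"] or "").strip()
        accounts.append({"id": row["account_id"].strip(),
                         "responsible": responsible or None})
    return accounts


def audit_context_1010(accounts, permitted_employees):
    """Classify each account as a user restricted by Employee would see it.

    Simplified model of the Cause section: only Employee Responsible is
    evaluated, and a record without one is treated as unrestricted.
    """
    result = {"matched": [], "unrestricted": [], "hidden": []}
    for acc in accounts:
        if acc["responsible"] is None:
            result["unrestricted"].append(acc["id"])  # visible to every such user
        elif acc["responsible"] in permitted_employees:
            result["matched"].append(acc["id"])       # visible as intended
        else:
            result["hidden"].append(acc["id"])        # restriction applies
    return result


if __name__ == "__main__":
    report = audit_context_1010(load_accounts(SAMPLE_EXPORT), {"E100"})
    print("Accounts needing an Employee Responsible:", report["unrestricted"])
    print("Visible through the restriction:", report["matched"])
    print("Hidden by the restriction:", report["hidden"])
```

Every account listed as unrestricted needs an Employee Responsible maintained before the restriction takes effect for it.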
Keywords
BPM Accounts, Account Restrictions, Employee Responsible, KBA, SRD-CC-IAM, Identity & Access Management, SRD-CRM-ACC, Account Management, Problem
SAP Knowledge Base Article - Public