You have configured an Access Restriction Rule '02 - Territories' for Territories work center for user ABC (ABC represents the user ID), but when the user logon and go to Territories work center, still he can see other territories which is not expected to be seen.
SAP Cloud for Customer
Reproducing the Issue
For a particular user role XYZ, you have set up the Access Restriction for work center Territoires, the Read access restriction rule is "02 - Territories", rule explanation is: Access based on the employee’s territory assignment only (incl. sub-territories)
The employee ABC is assigned to territory 123 (123 represents the territory ID) in employee data.
- Logon with user ABC, which is assignd to user role XYZ.
- Go to Sales > Territories work center. Here, you can also see other territories including territory 123.
Territories are restriced based on their employees which are maintained as "Owner(s)" (Territory-Team), it means those territories are "free" (without owner) can can be seen by every user in the system who has access to the "Territory" OWL in general.
Thus user ABC can see all the territories in system which do NOT have any owner + He can see those territories where he is maintained as owner + He can see territory 123 because he is part of the "Territory-Team" list.
You need to assign owners to the territories if you would like to restrict them.
access restriction, territory, employee , KBA , LOD-CRM-TM , Territory Management , Problem