2007 Sep 04 2:31 PM
Hi colleagues,
We are implementing authorizations for an organization that has a quite a number of branches. There are certain transactions(e.g, transaction F110) that we have decided to restrict to branches. For instance, a user in branch A should only be able to do automatic payment run for his branch. In setting up the roles, we made use of the the fields "Business Place" and "Branch Allocation" in setting up the restrictions for the role created; but this still has not achieved the desired results for us.
Has anyone has such similar challenges that we can share and learn from?
Regards
2007 Sep 04 2:45 PM
Not sure if what you want to do is achievable via standard SAP authorizations.
F110 only has 2 auth object checks:
F_REGU_BUK - company code
F_REGU_KOA - acount types
You may be able to do additional auth checks for vendors / customers via F_KNA1_GRP and F_LFA1_GRP, but you would need to set up the master data in your vendors / customers accordingly.