2008 Apr 02 6:58 AM
Hi Need some inputs from all,
One of our clients requirement is to have authorization at GL account level.
What I mean is,
If we have user A, who is allowed to use a GL account (let us say CASH book account),
But if the user B is not allowed to use the above said GL account but he is allowed to do the all transactions with other GL account,
I understand that we can address through validation but I dont want to do it through validation but wanted to address it by authorization,
Pls. brief me about it.
Cheers
Rahul
2008 Apr 03 6:33 PM
Hi Rahul,
Pls tell us which GL tcodes users are using when working on the Accounts?
2008 Apr 04 5:44 AM
2008 Apr 04 8:34 AM
Hi,
I'm pretty sure that you could use authorisation groups assigned to the GL account. I think this is maintained on the master data for the GL account.
If you decide to go this route then I would only assign the groups to the accounts that should be restricted, and then leave the field blank for all unsretricted accounts. This can become a maintenance nightmare so I recommend that this only be applied for crtical accounts.
The object that you would use to control access is F_BKPF_BES, keeping the activity values aligned with the other F_BKPF objects that are being checked.
Regards