Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
Showing results for 
Search instead for 
Did you mean: 

Vendor Authorization using User Role/profile

Former Member
0 Kudos

Hi All,

I know this has ben discussed quite a few number of times , but i'm still having issues with it.

I want to restrict the accounting Information Screen view of vendor Master for some user's

I have a authorization group

LFB1-BEGRU = 'TEST' in Accounting Information Screen on Vendor MASTER and also

LFA1-BEGRU = 'TEST' in Control Screen of Vendor Master Data

If i do a F1 on both above fields i get this

Authorization Group

The authorization group allows extended authorization protection for particular objects. The authorization groups are freely definable. The authorization groups usually occur in authorization objects together with an activity.


You assign the authorization using authorization object F_LFA1_BEK.

So i figured out that object F_LFA1_BEK along with other objects is already assigned to a role(ztest) , profile for the user that i'm using to test

Maintained Vendor: Change Authorization for Certain Fields  (F_LFA1_AEN)
  Field group                    *

Standard   Vendor: Application authorization (F_LFA1_APP)
   Activity                       Display
   Customer and Vendor Master Dat Financial Accounting

Standard   Vendor: Application authorization *(F_LFA1_APP - Repeated No Idea)*
   Activity                       Display
   Customer and Vendor Master Dat All values

Maintained Vendor: Account Authorization *(F_LFA1_BEK- Point of INTEREST)*
   Activity                       Lock
   Authorization Group            TEST-TEST

Maintained Vendor: Authorization for Company Codes (F_LFA1_BUK)
  Activity                       Display
  Company Code                   *

Standard   Vendor: Central Data      (F_LFA1_GEN)
  Activity                       Display

Maintained Vendor: Account Group Authorization (F_LFA1_GRP)

  Activity                       Display
  Vendor account group           *

I changed the F_LFA1_BEK to LOCK and TEST

let me know if'im missing any trick or step

I don't see the the authorization object and authorization group in TBRG table

I believe i should see an entry like

object                 auth group

If this is what i'm missing let me know how to create a new entry. Tried SM30 Table MAINTENANCE nOT allowed



Former Member
0 Kudos

Moderator message - Cross post locked Rob