Restrict at fund center level using fund center authorization group
We are implementing fund management. We have a requirement from the client to restrict the access to change fund centers(FMSB) at fund center level.
I tried using the authorization group field in the fund center and assigned some value for auth grp field the fund center (master data). I used the same auth grp in FM_AUTHGRC field while creating the role.
However, user is able to change all fund centers irrespective of the fund center they are restricted in the role.
1. Are there any configuration involved to achieve fund center restriction?
2. Can anyone provide the steps on how to configure authorization group before assigning it to fund center (master data)?
3. If fund center level restriction can be achieved, can we move this field (FM_AUTHGRC) to org level in profile generator? Is it a good practice to maintain this auth group at org level to enable master-derived role strategy.
I already searched in the forum and could not find any threads with a solution for this query.
Appreciate your response.