Solved: authorization in ob52

Former Member · ‎05-15-2009

Hi,

We created a authorization group called P002 and assinged in OB52.(Peroid Maintenance for Fi).

in that we opened April and May 2009. but one is user is able to post in 2008 also.

How can it possible.

please guide me

sateesh

Former Member · ‎05-19-2009

If the user has access for F_BKPF_BUP with '*' value, user will be post for all the authorozation group included in OB52. Check F_BKPF_BUP.

Former Member · ‎05-15-2009

Hi,

May be he is having Change authorization for this object S_TABU_DIS .

Can you please check it once in his Roles.

Regards,

Venkat.

Former Member · ‎05-15-2009

Hello Sateesh,

Please check who all are having F_BKPF_BUP object with authorization group : P002 from SUIM - User~~>Users by Complex selection criteria~~>By Authorization values.

From this output, check for any service users/communication with full authorizations or users who are having authorization on OB52.In Production environment it can OB52 settings can be changed.Pls check.

Rgds,

Gadde.

Former Member · ‎05-15-2009

This is not possible with stock t code OB52.Only possbility is there if you go for custom transaction code with help of ABAP coding.

Former Member · ‎05-15-2009

> This is not possible with stock t code OB52.

That is why you typically close the sub-ledgers first and have a period end close schedule.

Only special users (balance sheet accountants) should be able post after that time.

If your warehouse RFID scanners can still post, then this is either a procedural or config error in the sub-ledger module.

> Only possbility is there if you go for custom transaction code with help of ABAP coding.

That coding can post a lot of rubbish as well...

Cheers,

Julius

Former Member · ‎05-19-2009

If the user has access for F_BKPF_BUP with '*' value, user will be post for all the authorozation group included in OB52. Check F_BKPF_BUP.