Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restrict Post entry

Former Member

‎08-09-2009 12:07 PM

0 Kudos

How to restrcit Post entry option for Particular trasctions? I have 100 roles with these trasactions.

Do we restrcit Auth object level or We will go for individual role and deactivate iption 10:

Thanks

3 REPLIES 3

jurjen_heeck
Active Contributor

‎08-09-2009 12:18 PM

0 Kudos

> How to restrcit Post entry option for Particular trasctions? I have 100 roles with these trasactions.

Which transactions? We're not psychics here....

> Do we restrcit Auth object level or We will go for individual role and deactivate iption 10:

What do you mean by restricting "auth object level"? If you want to take rights away from users you'll have to change all roles which hold these rights and ar assigned to those users. If "option 10" is the activity to post then you'll have to take that out of each role.

Former Member

‎08-17-2009 4:11 PM

0 Kudos

Check what authorization object is used to do the post entry.

That can be tracked by the authorization trace in ST01. Make the required change in the particular authorization object for all roles.

If their is any specific customized program is available for the required task, that can be changed. (though the change requirement is not too clear to me, but this can be another possible way).

Regards,

Sandip Maiti

arpan_paik
Active Contributor

‎08-19-2009 11:07 AM

0 Kudos

Hi Venkat,

To restrict post access you need to look into the Authorization objects with description starts with "Accounting Document". To be more specific for transaction FB05 (post with clearance) below object with create activity will provide post access to various option (like customer, vendor, G/L Ac, company code etc).

F_BKPF_BED

F_BKPF_BEK

F_BKPF_BES

F_BKPF_BLA

F_BKPF_BUK

F_BKPF_BUP

F_BKPF_GSB

F_BKPF_KOA

However I would like say one more thing as added information. If your actual requirement is to restrict user from posting but providing access to park then that is not possible from authorization point of view. As providing authorization park is required access to above objects with 01 and 77 activity. So restricting access to 01 activity will automatically restrict access to park. If your requirement does not mix with park then you can go ahead as depicted above. But take of other transactions that may require above objects with 01 activity.

Arpan