08-11-2009 3:21 PM
Hi Gurus,
We have requirement to control the authorisation whereever the controlling area and cost centre are involved.
For exampe GR55 tcode.
Now whenever the user will not give any value in the cost center and he has mentioned the value in controlling area then the auth check should fail for the user.
Please suggest how to restrict the access??
Thanks,
Jagadish
08-11-2009 5:03 PM
Hi ,
Authorization Object "K_CCA CO-CCA: Gen. Authorization Object for Cost Center Accounting" will be checked when transaction code GR55 is executed .
Field CO-OM Responsibility Area will be created in a combination of values like cost center & Controlling Area . So technically this object ( & Field ) can be used to restrict tcode GR55 , if no entry is made in Controlling Area or viceversa.
Please let me know if you need more clarifications .
Thanks & Regards,
Jerry
08-11-2009 5:03 PM
Hi ,
Authorization Object "K_CCA CO-CCA: Gen. Authorization Object for Cost Center Accounting" will be checked when transaction code GR55 is executed .
Field CO-OM Responsibility Area will be created in a combination of values like cost center & Controlling Area . So technically this object ( & Field ) can be used to restrict tcode GR55 , if no entry is made in Controlling Area or viceversa.
Please let me know if you need more clarifications .
Thanks & Regards,
Jerry
08-18-2009 9:28 PM
Hi Jerry,
Thanks for the reply.
We added the authorisation object for the role which holds GR55.Just tested but the user is able to access different controlling areas even though we have defined the co area and cost centre in the auth obj.
Please help.
Thanks,
Jagadish
08-19-2009 4:41 PM
Hi,
Please check with your developer team.
I think the modification needs to be made in the programm.
So create a customized transaction for the requirement.. then develope a customized programm as per required authority check.
this way the issue can be resolved.
Regards,
Sandip.
08-19-2009 8:25 AM
Hi
Restriction for cost center or controlling area is only possible when any transaction is implemented with any authorization object containing KOSTL (for cost center) and KOKRS (controlling area - this is org level value). unfortunately I could see that that transaction GR55 is not having any such object. So in this case restriction through authorization maintainance is not possible I guess. So you can check with functional people or ABAP if some table maintance view may be possible or not.
Arpan
08-19-2009 9:33 AM
Jagdish
You can restrict the access by cost centre number ranges
shitika
Edited by: Shitika21 on Aug 19, 2009 10:34 AM
08-19-2009 6:36 PM
Hi Jagadish,
Have you searched OSS?
There are a few notes which you may want to look at if you enter search term: GR55 AND Authorizations
The report painter auth concept is poorly defined and delivered as standard, depending on what you need there are a few options and fixes which have been subsequently been made available.