Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restricting user to view GL Account at F-28

Go to solution
mt_a
Explorer

‎06-21-2010 8:11 AM

0 Kudos

Dear Guru,

I need help regarding FI authorization at F-28.

Is there any way to restrict user to post for only those account they are responsible for.

In other word, if user provides Account (Under Bank Data) for which he doesnt have authorization. Then user will not able to post it, hence get authorization issue.

Which authorization object covers such authorization...

Thank you,

Tausif.

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎06-21-2010 8:28 AM

0 Kudos

Hi,

Try with the authorization object "F_BKPF_KOA Accounting Document: Authorization for Account Types", also I would like to suggest that in order to know the exact object if above does not work, create a role with F-28 and SU53 tcode and assign it to a user and start testing and modifying the objects in role till you get your desired result.

The other option would suggest you try with ST01 authorization trace.

Regards,

Sharath

3 REPLIES 3

Go to solution
Former Member

‎06-21-2010 8:28 AM

0 Kudos

Hi,

Try with the authorization object "F_BKPF_KOA Accounting Document: Authorization for Account Types", also I would like to suggest that in order to know the exact object if above does not work, create a role with F-28 and SU53 tcode and assign it to a user and start testing and modifying the objects in role till you get your desired result.

The other option would suggest you try with ST01 authorization trace.

Regards,

Sharath

Go to solution
Former Member

‎06-21-2010 8:46 AM

0 Kudos

hey tausif

try this authorization object 'F_KNA1_GRP' under FI. with this object you will have two fields namely'activity' and 'customer account group'. you can select 03 or display in activity and in account group select the appropriate customer account which you want the user to see.

beside this you can test it in quality or ides by creating a role with this tcode and then assigning it to a test user as suggested by sharath babu.

hope this helps.

take care.

Go to solution
mt_a
Explorer

‎06-21-2010 10:55 AM

0 Kudos

Manage to do it using F_BKPF_BES.

First need to define authorization group for each GL Account.

By using F_BKPF_BES, gave user authorization to access to particular Authorization Group.

Thank you guys for help.. your guidance made me achieve this.