Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restrict authorizations for payment item transaction

Former Member

‎03-15-2011 9:34 AM

0 Kudos

Hi All,

This is regarding authorizations for a banking system.

The requirement is the users need to be restricted for the following transaction based on the Bank Posting Area or the contract managing unit.

BCA_PAYMITEM_CREATE

When the user goes to create payment item the user should be allowed to enter an account which has been created with the contract managing Unit ZSUM007 or Bank Posting area ZSUM. The user should not be allowed to go in for any other values of contract managing unit and Bank Posting Area

BCA_PAYMITEM_MAINTN

The user should be allowed to enter an account which has been created with the contract managing Unit ZSUM007 or Bank Posting area ZSUM .The user should not be allowed to go in for any other values of contract managing unit and Bank Posting Area.

I checked the transactions in SU24 and found only authorization object S_TCODE associated with the transcations BCA_PAYMITEM_CREATE and BCA_PAYMITEM_MAINTN.

Can someone please suggest a way to acheive this.

Regards,

Thamarai.

10 REPLIES 10

sivakumar_kilari3
Active Contributor

‎03-15-2011 10:19 AM

0 Kudos

Check his profile , Which posting areas and contract managing units accessing?

Thanks,

Siva

Former Member
In response to sivakumar_kilari3

‎03-15-2011 10:30 AM

0 Kudos

Hi Siva,

This is a ABAP system and the user is created for test purpose, how can i check the posting areas and contract managing units?

Regards,

Thamarai.

sivakumar_kilari3
Active Contributor
In response to sivakumar_kilari3

‎03-15-2011 10:42 AM

0 Kudos

1. Execute SU01

2. Enter user name and click on display button.

3. Click on roles tab. and there you can find roles

4. open that roles using PFCG tcode. you can check there.

Regards

Siva

Former Member
In response to sivakumar_kilari3

‎03-15-2011 11:19 AM

0 Kudos

Hi Shiva,

I have created the roles for the user. The actuall issue is i do not find a authorization field with the required value in the objects.

Regards,

Thamarai.

sivakumar_kilari3
Active Contributor
In response to sivakumar_kilari3

‎03-15-2011 11:24 AM

0 Kudos

Did you assign Org.Values?

Former Member
In response to sivakumar_kilari3

‎03-15-2011 11:31 AM

0 Kudos

No i have not assigned them.

Regards,

Thamarai.

Former Member
In response to sivakumar_kilari3

‎03-15-2011 11:47 AM

0 Kudos

Hi Shiva,

I tried assigning the org unit using PFCG ORGFIELD CREATE.

Now the org unit in pfcg shows Org. level Contract-Managing Organizational Unit (Encrypted) but there is no coresponding field in the authorization objects in the role.

Can you please help since the project is very critical.

Regards,

Thamarai.

sivakumar_kilari3
Active Contributor
In response to sivakumar_kilari3

‎03-15-2011 11:59 AM

0 Kudos

Check Using SUIM tcode.

How he is accessing ?

Former Member
In response to sivakumar_kilari3

‎03-15-2011 12:15 PM

0 Kudos

The authorization object used are S_TCODE and F_PIT_TRT.

There is no relevent authorization field in these object to restrict the BPA

Regards,

Thamarai.

sivakumar_kilari3
Active Contributor
In response to sivakumar_kilari3

‎03-15-2011 12:25 PM

0 Kudos

Pls. find using field values in SUIM