XK02 Authorisations

Former Member · ‎12-06-2012

Please see authorisation object F_LFA_AEN below which I am looking at with XK02

Under VGRUP the authorisation is assigned as ' '

This may be a silly question but does this mean that no fieldgroups have been assigned under this object so the user will not be able to make changes to any fields?

Former Member · ‎12-12-2012

Hi,

As David stated Dummy value is maintained for this field, i would suggest taking trace of a user executing XK02 and checking the return codes, if this authorization is present in production system it needs to be addressed, you can use one of below approaches to fix this.

Add an appropriate value to VGRUP (values can be different based on requirement, this requires input from functional team).
Maintain * to give full authorization (SOD check must be performed before making this change)
Deactivate the object (If this object does not come up in trace results then it is not required for t-code execution and can be deactivated)

Former Member · ‎12-07-2012

Hello

If you are lucky enough to have a SAP security strategy document that your client has published it may help. It looks like the field value may not have been known so the person who created the role might have used ' ' as a dummy value to be updated with correct values during UAT?

I don't like the use of ' ' in this way as it is actually a valid entry in some MM authorisation objects to allow searches etc without entering a plant.

Kind regards

David

JL23 · ‎12-06-2012

moved from SAP ERP - Logistics Materials Management (SAP MM) to Security

XK02 Authorisations

Accepted Solutions (0)

Answers (3)

Answers (3)

Deacitivating Business Functions- Multiple Address...

Re: Different Email template based on payment

Re: RFC registered program

Re: How to utilize key user custom field "via CODE...

fiscal year and standard year in the same model in...