07-02-2013 2:54 PM
Dear Experts,
We have to restrict fbl3n/fbl5n, tcode, fico, at business area wise ?
I
restricted the auth object...F_BKPF_GSB, even tough it is not restricting through plant / business area.. in our case, business area and plant are same.
Please share your valuable inputs, Thanks in Advance.
Regards,
Praneeth
07-02-2013 7:39 PM
It only works if you RTFM, but even then you are better off with plant, sales org and company code as they are used more consistently by more object which are the first line of defense.
Cheers,
Julius
07-02-2013 7:39 PM
It only works if you RTFM, but even then you are better off with plant, sales org and company code as they are used more consistently by more object which are the first line of defense.
Cheers,
Julius
07-03-2013 6:48 AM
Hi Julius,
In our case, we have only one Sales Organization and company code, So I cant restrict SO and CC.
Business Area and Plant are same.... I have only one option is Bus Area...As I said earlier, I restricted
the F_BKPF_GSB, auth object, even though it is not restricting. End user can able to access other plant data...
Could you please guide me...Can we restrict through Roles or we need to make bus area field has mandatory or any options?
Regards,
Praneeth
07-06-2013 12:49 PM
Dear Siva,
I guess its not possible as per your requirement.
Just a small thought/explore about your query. Think about G/L account wise restriction like maintaining authorization groups against each G/L and try FBL3N report.
FS00 (give any G/L code and company code) -->Control Data-->Authorization Group.
Else you may have to try for customized transaction like ZFBL3N by making Plant as a mandatory field.
Rgds,
Durga.
07-08-2013 10:22 AM
Dear Siva,
FBL5N works fine with auth. object F_BKPF_GSB.
Of course a doc. without Business Area will not be restricted, checked against authorization. Maybe you have to make it obligatory during doc. entry.
I suggest you go through and check yr role containing F_BKPF_GSB.
Activate system trace to see the author. object check.
Check also with Tcode S_BCE_6800142 to see a specific user, and for F_BKPF_GSB authorizaiton object (value XXXX activity 03) which role gives access (where XXXX should be the Bus. Area that the user should not have).
Good luck.
BR
Elly
07-15-2013 2:22 PM
Dear All,
Issue has been solved.
From FI perspective, the IMG authorization is unchecked and we checked the box.
Later by this authorization object F_BKPF_GSB, we restricted the tcode.
Thanks you all for your inputs.
Regards,
Praneeth
02-06-2014 4:50 AM
Hi Praneeth,
Can you elaborate , how to check IMG authorization uncheked or not. Plz provide us Navigation for the same. We are facing same while using FBL1N tcode
Thanks in Advance !!
Regards
Santosh
02-06-2014 6:02 AM
Hi Santosh,
IN SPRO follow the path
SPRO-->SAP Refrence IMG-->Financial Accounting-->Financial accounting global settings-->business area-->check display auth for BA--> check in BA box, later restrict through authorization object F_BKPF_GSB in PFCG.Your issue will be solved.
<evil_words_removed_by_moderator>
Regards,
Praneeth
Message was edited by: Julius von dem Bussche
02-06-2014 6:20 AM
Hi,
please don't ask for reward. Especially, on the forum that is patrolled by Julius. He has a really strong allergic reaction to points system ;-). And trust me, when you are helpful to your peers then recognition will come without asking.
Cheers
02-06-2014 6:29 AM
Hi Martin,
Apologize, It is my first and last time.
Thanks for the suggestion.
Regards,
Praneeth