10-14-2015 11:05 AM
can we lock the Transaction codes at Plant level or at company code level ? We have a requirement that users form one plant should be blocked form posting the identified transaction for specified duration , can we Block / lock , unlock the t-codes at plant level or at company code level
10-14-2015 1:01 PM
you need to ask that quesiton in the space of the application you are talking about.....
b.rgds, Bernhard
10-14-2015 1:46 PM
Hello Bernhard
i didn't get your answer ,can you please explain more on this ...
10-17-2015 5:57 AM
Hi Vikas
can we lock the Transaction codes at Plant level or at company code level ?
This part of your question is too generic for an answer to be given. IT implies you do not have the basic SAP security concept understanding. If you do, then you need to put more effort into asking a good question. You have senior security people in this thread willing to assist (and your questions hasn't been removed via moderation) but you've wasted 3 days on members asking you clarification questions or providing guess work answers.
The best way to answer your question is for your to provide an example - i.e. a specific transaction code
users form one plant should be blocked form posting the identified transaction for specified duration , can we Block / lock , unlock the t-codes at plant level or at company code level
If you want users to have access for some or the time but remove for other parts then you need to consider options such as:
Options exist but really come back to a specific requirement and not vague details. The solution may not actually be security authorisation driven (or part of the solution is)
We have a requirement that
Starting your vague SCN questions with this statement implies that you are spec dumping. It seems as though you have no idea what your customer wants and what the requirement is so you've posted a very generic question with no details
So where to next, please reply with your actual problem and what you have considered as solutions. This might be as simple as rewriting your question from:
that users form one plant should be blocked form posting the identified transaction for specified duration , can we Block / lock , unlock the t-codes at plant level or at company code level
to
During Month End [i.e. specified duration], we need to prevent [Block/Unlock] end users from posting financial documents via FB01 or similar transaction code [i.e. identified transactions] to company code ABCD [company code level].
Note - my example is quite high level example only as posting financial document can be via many different transaction codes.
Once you rewrite your questions and clarify exactly which problem you have to solve, you can then try searching SCN and other sites to see if such a solution has already been proposed.
If not, come back to this thread and explain what you are trying to achieve. In addition, tell us what you have considered as options and why they won't work. You might just get the help you needed
Regards
Colleen
10-16-2015 8:23 PM
10-16-2015 11:24 PM
Hi Vikas
One of the way can be to create a separate role with the intended transaction posting access /plant access and assign that role to users for time they are supposed to perform posting.
Thanks
Anika