Can we use I_BEGRP to restrict users from "blank" authorization group?
Hi - I see that there have been a lot of clever answers to authorizing in PM - I feel lucky today hoping to get your feed back on this :-)
In transaction code IH08 (display equipments) we want to restrict some users to certain equipments and have looked into the use of authorization groups and the authorization object I_BEGRP.
We have created a role with access to authorization group X and expected that the user would only view a list of relevant equipments assigned to this authorization group - but the list also contains all the equipments without authorization group X assigned - all the blank ones.
Is this an error in SAP - or is it just the way it is supposed to work?
- or have we missed something here?
Please, if you have any idea - don't hesitate to write - it is quite urgent :-)