Question:
I've an issue I have never noticed before... Roles for GL display are restricted to viewing account type S only. The idea is that if a user needs access to view G/L docs that eg. credit GL and debit vendor etc they get the corresponding role for AP in addition.
However, as a stand alone role GL display (with S only) should work.
Now, when I run FB03 and on the initial screen enter my document number I can display the doc. However, if I go to document list and don't enter a doc it fails on account type access.
I would expect this as the only selection criteria I entered is Co Code, Doc type GJ and year, there may be GJ documents with a vendor line item. But then I enter the same document that worked on the initial screen and the auth failure occurs again.
I have lots of reports that are also falling over with the same error, presumably as they are calling FB03. I don't want to have to give 03 with *, so wondered if anyone else has encountered this problem.
Thanks!
Answer:
Has anybody encountered this???
Answer:
Working as designed....
Access to G/L account only, means G/L accont only. SAP is expecting you to view Journal enties not Vendor Invoices. If the Document has Vendors or customers or assets then technically your roles are desined to allow G/L only. Hence the errors.
Further is you do not have Employees as vendors, why do you care?
_________________
John A. Jarboe
Answer:
Thanks John. We do have employees as vendors so it is a concern.
Even in the list screen if I enter the GL document number (posts the debit and credit to GL accounts only, vendors and customers not involved) it still fails, yet it works on the fb03 front screen.
I would understand if I was trying to display a doc that has a credit/debit to a non GL account but it doesn't ! ???
Answer:
I beleive... Still orking as designed.
Since Accounting documents are sequenced and you may have it configured that G/L and Other documents do not have their own number range, SAP is checking each document in the list and once failed stops. In some cases there iare errors but only the authorized data is given.
If viewing Employee data is the concern, you can contol access to the vendors not the accounts by adding an auth group to the employee-vendors. THen you can give out all the accounts.
_________________
John A. Jarboe