Question:
Hello
I'm trying to restrict FB01 so only certain document types, ZR and ZQ can be posted and no one has access to post other document types.
I have tried restricting F_BKPF_BLA to those particular document types with no success and have also created an Authorization Group with just those two document types in but it still allows postings of other document types. Can anyone help please? It'd be very much appreciated.
Thanks...Stuart
Answer:
You have to put authorization groups on ALL the document types . If the value of the auth group is blank SAP does not perform the check.
Answer:
I'll give that a go, thanks very much
Answer:
Just remember that if they are not authorized for one document type they can frequently post using another document type if that document type is configured for the same account types. All this will do is keep you audit trail and docume nt numbering screwed up.
Answer:
Just be careful implementing this if you are dealing with a 'live' system.
Customizing authorization groups for document types means that
if you transport this to your live PRD environment, nobody will be able
to do postings unless you explicitly granted them the access through
F_BKPF_BLA. I have seen some interesting cases where local authorization
administrators decided to make the switch and where they 'forgot' that
foreign collegues also need to use document types for FI postings
I typically suggest to just copy the doc.type name into the authorization
group; makes things transparent in authorizations too...
regards,
Wouter
_________________
Wouter Janssen
Control Solutions International
e-mail: <wjanssen@be-csi.com>
web: http://www.be-csi.com/