Question:
Hello,
In 4.6c transaction MRBR is currently wide open. Anyone with authorization to this transaction can unblock invoices in any company code.
Standard security profiles can only restrict users at universal (*) or purchasing group level. We require control at Purchasing Organization or company code.
OSS 399953 suggests creating validation rule (GGB0) to test user authorizations for transaction MRBR and authorization object F_BKPF_BUK.
Can anyone supply the validation coding to solve this seciurity problem.
Thanks in advance
_________________
Kind regards Steve Dunford
Answer:
try to exit from the SAP standard code itself?