I am trying to restrict a user to only allow them to use certain data entry profiles. I have created authorization groups (spro>Cross-app components>Time Sheet>Settings for all User Interfaces>Authorizations>Create Authorizations for Data Entry Profiles) and assigned that authorization group to a data entry profile.
I created a new security role with transaction CAT2. For P_ORGIN assigned infotype 0316, and set subtype as the authorization group that I created.
When I try to run CAT2, initial screen allows me to choose data entry profile and personnel number. But, when I click Enter Times (F5) to access the time sheet I get error message:
"No authorization for personnel number 00000137 using profile M_GEN on 16.07.2008
Message no. LR034"
In config for "Maintain Authorization Main Switches" and "Profile Generator" for CAT2, only P_ORGIN is being checked.
Any ideas why I can't maintain the time sheet when infotype 0316 and subtype is set?