Skip to Content
avatar image
Former Member

Restrict at fund center level using fund center authorization group


We are implementing fund management. We have a requirement from the client to restrict the access to change fund centers(FMSB) at fund center level.

Approach followed:

I tried using the authorization group field in the fund center and assigned some value for auth grp field the fund center (master data). I used the same auth grp in FM_AUTHGRC field while creating the role.

However, user is able to change all fund centers irrespective of the fund center they are restricted in the role.


1. Are there any configuration involved to achieve fund center restriction?

2. Can anyone provide the steps on how to configure authorization group before assigning it to fund center (master data)?

3. If fund center level restriction can be achieved, can we move this field (FM_AUTHGRC) to org level in profile generator? Is it a good practice to maintain this auth group at org level to enable master-derived role strategy.

I already searched in the forum and could not find any threads with a solution for this query.

Appreciate your response.



Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Sep 16, 2008 at 10:21 PM

    Turn on the ST01 trace and execute the whole process of Change Funds Center at fund Center Level and check which objects are touched during the process. Use these object to check and see if they control the process.

    Also Browse in SPRO for any Authorization Setting under Funds Management.

    Please post the solution if it worked.


    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member


      I have figured the solution.

      Every fund center should have a authorization group. If the auth group field is left empty in the fund center (master data), then authority-check does not occur.

      So when all the fund centers are associated with an auth group, restriction at the fund center can be achieved.

      If fund center level restriction is desired, then it is better to make auth group a mandatory field in the master data (config)

      Hope this information helps anyone who looks for achieving restriction at fund center level.