Transaction MRBR is currently wide open. Anyone with authorization to this transaction can unblock invoices in any company code.
Standard security profiles can only restrict users at universal (*) or purchasing group level. We require control on company code.
OSS 399953 suggests creating validation rule (GGB0) to test user authorizations for transaction MRBR and authorization object F_BKPF_BUK.
Can anyone supply the validation coding to solve this security problem?
Is anyone familiar with this problem ? Do you have a solution ? also None standard SAP solutions are welcome
Thanks in advance
Greetings,
Vincent