Hello, i have two types of accounts.
Account range 1: 10000000 -19999999
Account range 2: 20000000 - 29999999
For range 1 i have assigned authorization group AUT1.
For range 2 i have assigned authorization group AUT2 (by transaction OB_GLACC12).
So the general idea is some users will have access only to group 1 , etc. i have used autorization object F_BKPF_BES in the role btw.
I have created 4 roles:
1) RANGE1_ALL (means user can create / modify delete GL from range 1)
2) RANGE1_DISP(means user can only disp GL from range 1)
3) RANGE2_ALL(means user can create / modify delete GL from range 2)
4) RANGE2_DISP(means user can only disp GL from range 1)
If i give RANGE1_ALL + RANGE2_DISP to the user, he can create/modify/delete for range1 and only display GLS from range2.
Now the problem is if i want user to create/modify/delete for range1 but only display a specific account from range 2 ; say GL 29999000.
Which authorization object can i use to specify the range 2 GL account directly?thx.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.