Skip to Content
avatar image
Former Member

Restricting user to view GL Account at F-28

Dear Guru,

I need help regarding FI authorization at F-28.

Is there any way to restrict user to post for only those account they are responsible for.

In other word, if user provides Account (Under Bank Data) for which he doesnt have authorization. Then user will not able to post it, hence get authorization issue.

Which authorization object covers such authorization...

Thank you,

Tausif.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    avatar image
    Former Member
    Jun 21, 2010 at 07:28 AM

    Hi,

    Try with the authorization object "F_BKPF_KOA Accounting Document: Authorization for Account Types", also I would like to suggest that in order to know the exact object if above does not work, create a role with F-28 and SU53 tcode and assign it to a user and start testing and modifying the objects in role till you get your desired result.

    The other option would suggest you try with ST01 authorization trace.

    Regards,

    Sharath

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 21, 2010 at 07:46 AM

    hey tausif

    try this authorization object 'F_KNA1_GRP' under FI. with this object you will have two fields namely'activity' and 'customer account group'. you can select 03 or display in activity and in account group select the appropriate customer account which you want the user to see.

    beside this you can test it in quality or ides by creating a role with this tcode and then assigning it to a test user as suggested by sharath babu.

    hope this helps.

    take care.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 21, 2010 at 09:55 AM

    Manage to do it using F_BKPF_BES.

    First need to define authorization group for each GL Account.

    By using F_BKPF_BES, gave user authorization to access to particular Authorization Group.

    Thank you guys for help.. your guidance made me achieve this.

    Add comment
    10|10000 characters needed characters exceeded