cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

FB60, How to exclude a G/L account from being selected ?

Go to solution
Former Member

on ‎11-12-2010 3:17 PM

0 Kudos

I am in need to EXCLUDE a specific G/L account from being selected, from the drop down list, when executing FB60 (Enter Vendor Invoice) to create a new vendor invoice ?

1) Is this doable ?

2) Could this be done programmatically (ABAP team) ?

3) Could this be done at Security Role level (Basis & Security ABAP team) ?

Thank you in advance!

Best regards,

Tom

Moderator: Validation will be a solution post-factum - user won't be able to post against this GL, but it still could be selected. Please, search SDN: these questions have been asked before

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member207607
Active Contributor
‎11-15-2010 9:04 AM
0 Kudos

Dear Tom,

if You define the authorization Group into transaction FS00 --> Control data, the relevant authorization object will be F_BKPF_BES. If You define the authorization into Your vendor master data (LFB1-BEGRU), the relevant authorization object will be F_BKPF_BEK.

I hope this can help You.

Mauri

Show replies
Show replies
Former Member
‎11-15-2010 2:18 PM
0 Kudos

Hi Amuri, thank you for your reply!

YES, we define the authorization Group via FS00 --> Control data, which means the relevant authorization object will be F_BKPF_BES.

As I said earlier, the corresposing field will be BRGRU and and not BEGRU.

Then the question is, WHICIH AUTHORIZATION GROUP DO I SET, for the value of BRGRU, there are thousands !!

Best regards,

Tom

Answers (4)

Answers (4)

Former Member
‎11-15-2010 9:23 AM
0 Kudos

Hi,

As per my knowledge, easiest and best solution is USE VALIDATION. 2nd option I see is using enhancements, we can perform this. Fot enhancements option, you need to contact your ABAPer.

Sudhaker

Show replies
Show replies
Former Member
‎11-15-2010 2:23 PM
0 Kudos

Hi Sudhaker, thank you for your reply!

Could you please elaborate the solution USE VALIDATION.

I am not familiar with that!

Is it something that ABAPers do ?

Could something be done by using Authorization Groups // Authorization Objects ?

Best regards,

Tom

Former Member
‎11-15-2010 9:15 AM
0 Kudos

Hi,

Just block that GL account for postings in GL master record.

Thanks

Z.

Show replies
Show replies
Former Member
‎11-15-2010 2:20 PM
0 Kudos

Hi Mohammed, thank you for your reply!

How do I "block that GL account for postings in GL master record" ??

Programmatically (ABAP) or via Security Role(s) ?

Best regards,

Tom

former_member207607
Active Contributor
‎11-12-2010 5:20 PM
0 Kudos

Dear Tom,

yes, Your idea is correct; so please use the field BEGRU to exclude a G/L account to be selected.

The only thing I can add is that the SAP Standard System does not check the Authorization field empty

(BLANK).

I hope this helps You.

Mauri

Show replies
Show replies
Former Member
‎11-12-2010 6:37 PM
0 Kudos

Hi Mauri, thank you for your reply!

You meant to say the field BRGRU and not BEGRU, correct ?

Well, that's the Authorization Group authorization object, I thought about it from the beginning, but there are thousands Authorization Groups, which one do I choose, or should I create a new one ?

I am sure this a 'common' request, where people would ask for; I wonder if SAP has already provided a 'solution' for it.

Best regards,

Tom

Former Member
‎11-13-2010 4:29 PM
0 Kudos

Hi Tom,

BEGRU is the field name and BRGRU is the data element.

BEGRU is a freely definable field, so you can enter any value that you like, for Ex: "ZZZZ" and give to your basis team, to give restricted authorization based on this field and value and you will achieve what you want to..

Regards,

SAPFICO

Former Member
‎11-13-2010 8:46 PM
0 Kudos

Hi SAPFICO, thank you for your reply!

My Basis/Security team has sent me the following.

<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>

BRGRU is the 'field' from the F_BKPF_BES Authorization Object!

F_BKPF_BES is the 'Accounting Document: Account Authorization for G/L Accounts' Authorization Object.

<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>

What Authorization Object, the field BEGRU, is associated with ?

Best regards,

Tom

Former Member
‎11-13-2010 9:45 PM
0 Kudos

Hi Tom,

As I told you in my previous reply, that the field Authorization object in GL master is a freely definable field and you can go to FS00 and write whatever you want in that field and, for Ex: "ZZZZ" and give it to your BASIS team and you can assign this Authorization Object Key ZZZZ in all the Gl's that you want to restrict.

Regards,

SAPFICO

Former Member
‎11-15-2010 2:13 PM
0 Kudos

HIi SAPFICO, thank you for your reply!

BY looking at the FS00 screen, where (what tab) the << field Authorization object in GL master is a freely definable field >> the authorization object, for a G/L Account, iis defined ?

Is this an EXCLUDE or an INCLUDE mechanism ?

Best regards,

Tom

Former Member
‎11-12-2010 3:26 PM
0 Kudos

Hi Tom,

It may be doable from the BASIS side. But the abap program is too much of work that you are thinking for a return of what you want. You can restrict the user for a transacton code level to do posting aginst those GL account by creating a validation rule.

Paul

Show replies
Show replies
Former Member
‎11-12-2010 3:42 PM
0 Kudos

Hi Paul, thank you for your reply!

How do I "restrict the user for a transaction code level to do posting against those GL account by creating a validation rule" ?

The t-code remains the same (FB60).

How can I create a 'validation rule', is it done by an authorization object and then by a security role ?

Should I create authorization groups and add G/L accounts into them ?

Best regards,

Tom

Ask a Question