10-29-2007 8:36 PM
Does anyone know if there is a way to separate the block and unblock activities for transactions XK05, FK05, MK05, etc.? I believe they are controlled by auth objects F_LFA1_* and ACTVT 05 (Lock). I have a request that a role be able to block a vendor, but not unblock. Is this possible?
Thanks.
10-29-2007 10:46 PM
Hi William,
I am not sure about this one, but for many objects (b)lock and un(b)lock are the same activity. It ('05') is often a "toggle-switch". The vendor / user can generally (b)lock themselves anyway...
Take a look through the objects documentation in SU21 to see whether there is an authorization control possibility. I suspect not.
You might also want to see whether there is a customizing option for this. A release strategy for the block / unblock (sensitive fields) might be easier? I am not logged on, but you can check it in SPRO customizing.
From a procedural point of view, I would suspect that the authorization required to block a vendor would require at least the same authority to unblock (and approve) the vendor.
If you explain why you have this requirement then it would help.
How big is your accounts payable department?
Out of curiosity: Are you getting an SOD (Segregation of Duties) warning for this from some rule set in a tool which you bought or adopted? Based on which rule (the value in the rule) did it invent this activity conflict?
Cheers,
Julius
10-29-2007 10:46 PM
Hi William,
I am not sure about this one, but for many objects (b)lock and un(b)lock are the same activity. It ('05') is often a "toggle-switch". The vendor / user can generally (b)lock themselves anyway...
Take a look through the objects documentation in SU21 to see whether there is an authorization control possibility. I suspect not.
You might also want to see whether there is a customizing option for this. A release strategy for the block / unblock (sensitive fields) might be easier? I am not logged on, but you can check it in SPRO customizing.
From a procedural point of view, I would suspect that the authorization required to block a vendor would require at least the same authority to unblock (and approve) the vendor.
If you explain why you have this requirement then it would help.
How big is your accounts payable department?
Out of curiosity: Are you getting an SOD (Segregation of Duties) warning for this from some rule set in a tool which you bought or adopted? Based on which rule (the value in the rule) did it invent this activity conflict?
Cheers,
Julius
10-31-2007 1:43 PM
Thank you for your input, Julius.
I assumed as much, but it's good to have someone to agree with.