cancel
Showing results for 
Search instead for 
Did you mean: 

posting authorization restriction in t-code F-02

Former Member
0 Kudos

I have created a scenario for park/post for special GL entries. for that I will be using f-02 to hold the invoice and fb11 to post the invoice.

I need to restrict the authorization of posting in F-02 so that the user can only held the invoices. any possibility to restrict the posting rights? I dont want to go on screen variants? cant it be done from second level authorization?

Looking forward for the feedback!

Accepted Solutions (0)

Answers (1)

Answers (1)

vinod_vemuru2
Active Contributor
0 Kudos

Hello,

Trace the authorization objects triggered during posting activity in F-02 though t-code ST01.

Select authorization check, switch on trace and post in F-02 and switch off the trace and analyze.

Once you have object name and activity values, you can ask BASIS to restrict the access based on these.

Thanks,

V V

Former Member
0 Kudos

it says to remote the object from F_BKPF_BUK (Create or generate). I did that but now i cant access f-02

former_member183424
Active Contributor
0 Kudos

Give the activity only for 77 (Park) do not give the activity 01 or 02 for authorization object F_BKPF_BUK.

Read more in this thread

The thread will give you many option instead of authorization also.

Former Member
0 Kudos

I did that even but it doesn't allow to access t-code after removing the activity 01

vinod_vemuru2
Active Contributor
0 Kudos

Hi,

Can you try to remove access for activity 10 only and check?

Thanks,

V V

former_member183424
Active Contributor
0 Kudos

@

I have checked, system is still allowing to post the document.

I have trace the system for authorization check in ST01, I can see system has checked just the activity as 01 to post the document.

@

vinod_vemuru2
Active Contributor
0 Kudos

Thanks Dev. Activity 01 is checked even before we click post. This is just to check access to F-02.

We can check this by activating trace, go to F-02, switch off trace and analyze.

@Javed,

You can check to write the logic in Enhancement Spot as well if there are no BADI/user exits available.

You may think of validation (OB28) as well.

Thanks,

V V