Restriction on FB02 on Document type

Similar Messages

• Document Posting restriction using posting key,document type combination

  Hi
  We have a authorization restriction issue using posting key&document type&Accoutn type  combination.
  Requirement is
  User A should be able to post to vendors only for particular posting key&document type.He should be able to post to with any other posting keys and document types to vendors.
  We have tried with document type authorization object/vendor authorization objects from user profile but it does,t work.
  can any one suggest some way please/
  r
  regards

  Hi
  I think you should be able to achieve the same through Validation rule:
  Prerequisite
  Document Type - XXXX
  Check
  User name = 123 and Posting Key = XX
  You can set a an error messsage which would be bleeped when the check fails
  Regards
  Sanil Bhandari

• Authorization restriction on amount and document type

  Hi,
  The business need is to resctrict the authorization of docuemnt posting on the below levels:-
  1.) Transaction Type - This can be controlled by document type / transaction code
  2.) Amount per transaction type
  Example,
  Let us say there are two user ids FIUSER1 and FIUSER2.
  FIUSER1 should have the authorization of posting cash transactions will 5,000 amount and vendor invoices will 1,00,000 amount.
  while
  FIUSER2 should have the authorization of posting cash transactions will 25,000 amount and vendor invoices will 10,00,000 amount.
  Can we do it with standard SAP without using validations / user exits / exhancements?
  Thanks,
  Nitish

  Use GGB0 to create a validation and in that you can create different sets using GS01 to validate diffrent user ID's.
  Like you can set the validation on - BLART , TCODE and WRBTR .
  Else you can use the exit functionality in GGB0 and then activate the same in OB28 or GGB4 .
  Cheers ,
  Dewang

• Restrict the user   based on document type on migo transaction-prepare GRN

  Hi,
  We are running ECC6.0 R/3 system.We had a requirement as follows
  In MIGO transaction , we want to restrict the user on document type i.e. we want that a particular user can  prepare GRN for document type  STO only. He cannot prepare GRN for other document type.
  We checked  SU24->maintain check indicators for transaction codes->enter migo->execute->check indicator.This returned us the authorisation objects present in Migo transaction.We checked the help of all these objects,but none of them we found suitable for above mentioned requirement.We were planning to find out the proper authorisation object to add to Profile generater.
  The following is the objects which we have checked for.
  A_B_ANLKL-->     Asset Postings: Company Code/Asset Class
  A_B_BWART-->     Asset Postings: Asset Class/Transaction Type
  B_USERSTAT-->     Status Management: Set/Delete User Status
  B_USERST_T-->     Status Management: Set/Delete User Status using Process
  C_AFKO_AWK-->     CIM: Plant for order type of order
  C_CACL_DSG-->     Interface Design
  C_DRAW_BGR-->     Authorization for authorization groups
  C_DRAW_DOK-->     Authorization for document access
  C_DRAW_TCD-->     Authorization for document activities
  C_DRAW_TCS-->     Status-Dependent Authorizations for Documents
  C_KLAH_BKP-->     Authorization for Class Maintenance
  C_STUE_BER-->     CS BOM Authorizations
  C_STUE_WRK-->     CS BOM Plant (Plant Assignments)
  C_TCLA_BKA-->     Authorization for Class Types
  C_TCLS_BER-->     Authorization for Org. Areas in Classification System
  C_TCLS_MNT-->     Authorization for Characteristics of Org. Area
  F_BKPF_BUK-->     Accounting Document: Authorization for Company Codes
  F_BKPF_BUP-->     Accounting Document: Authorization for Posting Periods
  F_BKPF_KOA-->     Accounting Document: Authorization for Account Types
  F_FICA_FOG-->     Funds Management: authorization group of fund
  F_FICA_FSG-->     Funds Management: authorization group for the funds center
  F_FICB_FKR-->     Cash Budget Management/Funds Management FM Area
  F_KNA1_APP-->     Customer: Application Authorization
  F_LFA1_APP-->     Vendor: Application Authorization
  F_SKA1_BUK-->     G/L Account: Authorization for Company Codes
  G_GLTP  -->       Spec. Purpose Ledger Database (Ledger, Record Type, 
                                 Version)
  J_1IDEP_SL-->     Authorization object for depot sale transaction
  J_1IEXC_OT-->     Authorization object for Other Excise Invoice Create
  J_1IEX_PST-->     Autorization object for posting Other Excise invoice
  J_1IGRPT1-->     Auth. for PART1 at GR
  J_1IINEX  -->            Incoming Excise Invoice
  J_1IRG23D-->     Authorisation object for Depo Transactions
  K_CCA-->                     CO-CCA:  Gen. Authorization Object for Cost Center 
                                  Accounting
  K_CSKS     -->                CO-CCA:  Cost Center Master
  K_CSKS_SET-->     CO-CCA: Cost Center Groups
  K_PCA-->                    EC-PCA: Responsibility Area, Profit Center
  L_TCODE-->                    Transaction Codes in the Warehouse Management System
  M_ANFR_BSA-->     Document Type in RFQ
  M_ANFR_EKG-->     Purchasing Group in RFQ
  M_ANFR_EKO-->     Purchasing Organization in RFQ
  M_ANFR_WRK-->     Plant in RFQ
  M_BEST_BSA-->     Document Type in Purchase Order
  M_BEST_EKG-->     Purchasing Group in Purchase Order
  M_BEST_EKO-->     Purchasing Organization in Purchase Order
  M_BEST_WRK-->     Plant in Purchase Order
  M_MATE_CHG-->     Material Master: Batches/Trading Units
  M_MATE_STA-->     Material Master: Maintenance Statuses
  M_MATE_WRK-->     Material Master: Plants
  M_MRES_BWA-->     Reservations: Movement Type
  M_MRES_WWA-->     Reservations: Plant
  M_MSEG_BMB     -->Material Documents: Movement Type
  M_MSEG_BWA-->     Goods Movements: Movement Type
  M_MSEG_BWE-->     Goods Receipt for Purchase Order: Movement Type
  M_MSEG_BWF-->     Goods Receipt for Production Order: Movement Type
  M_MSEG_LGO-->     Goods Movements: Storage Location
  M_MSEG_WMB-->     Material Documents: Plant
  M_MSEG_WWA-->     Goods Movements: Plant
  M_MSEG_WWE-->     Goods Receipt for Purchase Order: Plant
  M_MSEG_WWF-->     Goods Receipt for Production Order: Plant
  M_RAHM_BSA-->     Document Type in Outline Agreement
  M_RAHM_EKG-->     Purchasing Group in Outline Agreement
  M_RAHM_EKO-->     Purchasing Organization in Outline Agreement
  M_RAHM_WRK-->     Plant in Outline Agreement
  Q_TCODE     QM -->         Transaction Authorization
  S_ADMI_FCD-->     System Authorizations
  S_ALV_LAYO-->     ALV Standard Layout
  S_BDS_DS-->     BC-SRV-KPR-BDS: Authorizations for Document Set
  S_BTCH_ADM-->     Background Processing: Background Administrator
  S_BTCH_JOB-->     Background Processing: Operations on Background Jobs
  S_CTS_ADMI-->     Administration Functions in Change and Transport System
  S_DATASET-->     Authorization for file access
  S_DEVELOP-->     ABAP Workbench
  S_DOKU_AUT-->     SE61 Documentation Maintenance Authorization
  S_GUI-->                     Authorization for GUI activities
  S_OC_DOC-->     SAPoffice: Authorization for an Activity with Documents
  S_OC_ROLE-->     SAPoffice: Office User Attribute
  S_OC_SEND-->     Authorization Object for Sending
  S_PACKSTRU-->     Internal SAP Use: Package Structure
  S_PRO_AUTH-->     IMG: New authorizations for projects
  S_RFC-->                     Authorization Check for RFC Access
  S_SCD0     -->                Change documents
  S_SPO_DEV-->     Spool: Device authorizations
  S_TABU_DIS-->     Table Maintenance (via standard tools such as SM30)
  S_TCODE     -->                Transaction Code Check at Transaction Start
  S_TRANSLAT-->     Translation environment authorization object
  S_TRANSPRT-->     Transport Organizer
  S_WFAR_OBJ-->     ArchiveLink: Authorizations for access to documents
  V_LIKP_VST-->Delivery: Authorization for Shipping Points
  V_VBAK_AAT-->Sales Document: Authorization for Sales Document Types
  V_VBAK_VKO-->Sales Document: Authorization for Sales Areas

  Have you executed a trace while a functional user executes the transaction code for the specific parameters? (i.e. document type). The trace will then show which objects are being checked; then look at the object documentation in txn Su21 to determine if there are any ways to restrict on the particular value; in some cases, if the authorization group field is being checked, additional configuration is needed in order to implement the security (Su21 will explain in detail for the particular object).

• Document type restriction

  To restrict access to specific document type (BLART) on  transactions FBL5N and FB03, we applied the following settings:
  - Assign authorization groups (BRGRU) to document types in OBA7
  - Assign authorization groups (BRGRU) to roles in PFCG
  - Assigning users to the appropriate roles
  but all users can view all types of documents!
  how I should proceed to restrict access to particular types of documents for users?
  Many thanks in advance!
  Ismail

  Hi,
  Please do to the following steps :
  1. Go to SE16
  2. Enter table name as TBRG
  3. Click on Create
  4. Enter Object F_BKPF_BLA
  5. Enter Value - this will be yours authorization object value.
  6. Enter Description
  7. Save
  8. Go to transaction code PFCG
  9. Create a new role
  10. Click on
  11. Enter Object F_BKPF_BLA
  12. Enter Value - this  value is the value created by you in table TBRG.
  13. Enter Activities
  14. Generate .
  15. Assign role to users.
  Please remove authorization object F_BKPF_BLA from all the existing roles before assigning newly created role to users.
  We hope your problem gets resolved by following this steps else revert.
  Regards,
  Tejas

• Restrict purchase order document type at plant level

  Dear,
  I would like to restrict the purchase order document type at plant level,
  Plz help me.

  Hi Dear,
               at the Plant level you have to use the below given Authorization Objects for the Users in different Plant
  M_BEST_BSA     Document Type in Purchase Order
  M_BEST_WRK     Plant in Purchase Order
  Give the values of the respective Plant and Order Type for the Respective Users.
  For more help you can contact your Security Team.
  but before that please check out in the T-Code SU24, if both the Objects are active, if not then ask the ABAP person to activate them.
  Hope it helps you.
  regards,
  yawar Khan

• Restrict display and posting for specific document types

  Hi,
  Is it possible to restrict display and posting for specific document types? I want to restrict authorization to SM document type in FS10N, and KSB1 tcode. Please help
  Best Regards,
  KIRAN.

  Sandipan Choudhury wrote:
  FS10N checks for this object ("Check" in Su24) but when user doesnot has this authorization object he gets access to all doc types and when the user is restricted to specific doc types (object present in user's authorization) he will get access to only those doc types. This is how the authorization check for F_BKPF_BLA works, in other words this authorization is Optional.
  Sorry, but this is not true and seems to be an invention of how you would like it to work...
  The coding works like this (generally):
      if sy-subrc ne 0.
        select single * from  t003 where blart = postab-blart.
        check sy-subrc = 0.
        blrtab-blart = t003-blart.
        blrtab-brgru = t003-brgru.
        append blrtab.
      endif.
      if blrtab-brgru ne space.    "<--- important condition!!
        authority-check object 'F_BKPF_BLA'
             id 'BRGRU' field blrtab-brgru
             id 'ACTVT' field actvt.
        if sy-subrc ne 0.
          rcode = 4.
        endif.
      endif.
    endif. 
  The "optional" aspect is whether or not the document type has an auth group on it in T003, failing which the check is suppressed.
  If it reaches the check, then it found something and then checks that selected value.
  Moral of the story:
  --> Do not believe SU53.
  --> Do not make assumptions from ST01 traces.
  --> Read the documentation carefully.
  --> Read the code to see how it really works (you can jump to the coding location from the trace).
  Cheers,
  Julius

• Validation for Document Type

  Hi,
  I want make a validation for document type wise posting for particular users like user ABC only post JV doc.type document. Please suggest me how I will make it.
  Thanks & Regards,
  Hemant Kumar Maurya

  Hello Hemant,
  You can manage this with authorization or validation (T Code OB28 or GGB0), for validation:
  1 - Create a validation at document header level.
  2 - You can create a set (table BKPF and filed - user name) with T code u2013 GS01 wherein you can give list of users for which you want to restrict posting only with document type u201CJVu201D. Attached this set or a single user in u201CPrerequisiteu201D section of validation.
  3 - In u201CChecku201D section of validation validate the document type u201CJVu201D syntax u201CBKPF-BLART <> JVu2019
  4 - Create and attach error message for above validation.
  5 - Attach this validation to your company code in OB28
  Since i donu2019t have SAP log on credential therefore cannot give you exact validation code syntax.
  Please try, hopefully this would help.
  Regards,
  Parag

• Validation of document type in VA01

  23.12.2008
  Hi Gurus,
  We create a Sales Order (eg. ZXXX) through a Z-development. My requirement is that this particular document type should not be created using t.code VA01. Need a validation for VA01 in the first screen itself  ( where the document type, Sales Org, Dist Channel and Divn is entered) to restrict creation of document type ZXXX thru t.code VA01
  Regards

  Dear Sanjay,
  If your requirement is - To restrict Creation of Sales Document Type "ZXXX" with Transaction Code: VA01
  which, I have understood from your query:
  My requirement is that this particular document type should not be created using t.code VA01.
  ...the same could be achieved by changing/ modifying the Transaction Group in to Sales Document type.
  Path: T. Code: VOV8 --> Key-in Sales Doc. Type --> Go in to Detail-page --> Tab: Transaction Flow --> Field: Transaction Group
  If, we maintain entry as "0", the sale doc.will be created with VA01
  If, we maintain entry as "1", the sales doc. will be created with VA11.
  Note: If, you change Transaction Group to "1" for Standard Sales Doc. Type - OR; it will be created with VA11 and not with VA01.
  So, change the Transaction Group from "0" to "as reqd." for Sales Document Type "ZXXX" in VOV8
  Best Regards,
  Amit

• Restrict User for Particular Doc Types and GL Account

  Dear Experts,
  I want to restrict few users with Doc type JV and Posting to GL Account 1 - 1000
  I created a set for Username fo be restricted and i have written a Validation for Line Item  saying
  Prerequiste
  BKPF-BLART = 'JV' AND BKPF-USNAM IN T_DOC_USERS
  Check
  BSEG-HKONT >= '1' and BSEG-HKONT >= '1000'
  Mesaage
  User Resticted for Doc Type JV and GL Account
  Can someone please advice on priority
  Thanks in Advance !!!!
  Regards
  Rahul

  HI
  1.You can restrict the user to document types by authorization settings Transaction Code PFCG
  Note : This will not hide entries in a drop down list.
  2.You can restrict the user to view the General Ledger reports like FBL3n,FBL1N like wise
  Hope this will help you

• Restriction of GR & IR for PO with specific document type

  Hi,
  How we can restrict doing Goods Receipt & Invoice Receipt for a Purchase order, instead they do the payment directly for the Purchase order item in FI. We need to restrict GR & IR for PO with particular document type.
  Regards,
  Srinivas

  Hi,
  Yes i do feel the same. Normally if a PO is created means system expects a GR and and IR .If you do not expect the ir means it is a free entry.
  But however you can control the GR / IR through account assignment .please check the account assignment definition at SPROMMPUR-Account assignment-AAcategory.
  Once the PO is created with account assignment the procurement is for consumption  (non stock)
  if it is a stocked procurement system will check the GR/IR indicator in the PO.
  When a PO is created in MM module and the cycle is not completed , it will always show as open PO.I think the context for FI direct posting will be differrant.
  Regards,

• How to restrict document types in hierachy

  Hi
  My scenario is
  For DIR of document type A only DIRs of document type B and C should be attached in the document hierarchy. How to restrict the user from attaching other type of documents?
  What will be the best solution for this scenario?
  Thanks in advance
  Prasad K

  Hi
  Plz
  Any inputs on this?
  Regards
  Prasad

• Sales document type restriction to create sales order

  Hi Frinds,
  My client has one requirement ...they have different sales document type. For sales document type  free of charge delivery they want only some authorised person should be able to create sales order. Is it possible to set the authorisation to create sales order according to sales document type.
  Regards
  SV

  Yes, 
         As already suggested, it is very well possible to restrict the user for the use of certain sales document type from basis.
  & to add to the above,
  Create Z* table with Sales Org + Doc type = UserID.
  call this table in VA01 transaction & write piece of coding , if current USerID have entry in this table with the said combination - should not allow to proceed further.
  without any basis involvement also you can ahieve your requirement.
  Note: Sales Org is used for validation purpose only.
  Regards,
  Reazuddin MD

• BASIS--to restrict authorization for a PO document type & 122 movement type

  Dear All,
  Plz guide me how to restrict authorization for a PO document type & for a movement type 122 i.e. for eg. if a user has authorization for PO document type IC then he should not be able to rum movement type 122 for any T-code he runs.
  Thanks in advance
  Arpit
  Basis

  Hi,
  Your request was not too clear to me.. As per my unde
  Here is some details of Authorization object related to Purchase Order:
  Document Type in Purchase Order( M_BEST_BSA )
  Purchasing Group in Purchase Order (M_BEST_EKG )
  Purchasing Organization in Purchase Order  (M_BEST_EKO)
  Plant in Purchase Order  (M_BEST_WRK )
  Document Type in Outline Agreement (M_RAHM_BSA )
  Purchasing Group in Outline Agreement (M_RAHM_EKG )
  Purchasing Organization in Outline Agreement ( M_RAHM_EKO )
  Plant in Outline Agreement ( M_RAHM_WRK )
  This can be helpfull to you to restrict authorization to PO..
  In Organization Level, it can be restricted by Purchasing group, Purchasing organization and plant..
  Regards,
  Sandip

• Document type restriction in GL posting.

  Dear All,
  How can i restrict a GL account to have only one specific document type documents. I mean only one document type should be posted to that GL.
  It should not contain any other document type other than specified one.
  I know this is possible through validation. But it is not checking if i write validation in OB28. If possible can any one guide me in writing the validationIs there any other way to restrict
  a GL for only one document type.
  Please reply...thanks in advance.
  sapuser.

  Hi,
  To make the GL account specific to a particular document type, you can write the validation as below:-
  Step 1:-
  Create a message ID via transaction code SE91 for message class /EACC/MSG/ACC_COMP as you want to display to user.
  Step 2:-
  Go to transaction GGB0 and create the validation step at complete document level in Financial Accounting as below:-
  Pre Requisits:-
  BKPF-BLART = 'KR'. (example KR doument type)
  Check:-
  BSEG-HKONT <> '1234567890' (the account no. you want to get posted only with the document type given above.)
  Message:-
  Message created in step 1 as error message.
  Step 3:-
  Please also check that this validation has active status (Status=1) at line line item level (level 2) for your company code in transaction OB28.
  Regards,
  Gaurav