HR Authorisations

Question: I'm trying to restrict access to particular fields within a HR master data screen to certain users only without taking away access to the transaction itself. A transaction variant cannot be used as screen displays for HR masterdata are controlled through configuration ("features").

The feature which controls the particular HR masterdata screen we're looking at, does allow control according to User Group. The other control fields that are available work according to the transaction being executed or characteristics of the data being accessed - ie not according to the characteristics/profile of the user accessing the data.

We're talking PA20, infoype 002 - the feature is P0002. The problem is that users can change their own parameters (and therefore what they see) and I've been told in another post here not to try and restrict access to updating parameters or to use parameters as a means of controlling authorisation.

Anybody got any suggestion of how to achieve this?

Mike.

Answer:
There is an article a few years ago in HR Insider that shows how to do this. HR Insider is a subscription publication. Back issues are available on line to paid up users.

It is technically viable but you have to know that there are a lot of functional issues in managing field level access for some and not for others. You'll also have to take measures to control access to this data in reports, table browsers etc