HR structural authorization to control access to CO objects?

Question: in the documentation i have been reading i only found references pointing
towards the use of HR structural authorizations to control access to HR
relevant data.

does the HR structural authorization concept allow to control access to
Controlling objects such as Cost Center and Profit Center objects?

if not, how to allow the access to a certain Cost Center by USER1 from
department A but not from USER2 from department B? many thanks in
advance for your comments.

daniel
_________________
Not a SAPfans member yet? It takes less than 1 minute Here!
"Act as if the maxim of your action were to become through your will a universal law of nature." K.

Answer:
HR structural authorization does control certain aspect of Controlling and SD only as it relates to HR. Cost Center and Profit Center are not part or HR and they have their own hierarchy. Cost center and profic center contorl is primarily controlled with K_REPO_OPA, K_CCA and K_PCA. But there are fewer controls on CO and PC than you would like.

Answer:
got some more insites from SAP in this front that think could be useful:

**************
Dear Daniel Pereira,

The access with help of structural authorizations can be controled for
HR-objects and with some exceptions for so called 'external' objects as
well. Unfortunately not for cost centers.

Kindly ask you to review the info below which will be able to explain this
much better than I am able to. Note that the application responsible for
the object-type has to control the access. It is not in the scope of
HR-authorizations to control the access to external object-types.
***
Symptom
a) It is not clear how and whether external object types (external
in the sense of Organizational Management) can be included in the
structural authorization check.

Cause and prerequisites
You use structural authorization profiles and want to know if and to
which extent other than HR object types can be taken into account here.

Solution
a) External object type 'P' for person is completely integrated in
the structural authorization check; for example, you can use
profiles with the evaluation path O-S-P to restrict the access of
a certain group of personnel numbers; external object type 'AP'
is also included in the structural checks according to table
T77PR since Release 4.6A.

The access of further external object types (for example, K for
cost center cannot be restricted by means of structural profiles;
external object types can only be included in the structural
checks under the following prerequisites:

In addition to a relationship to an object of Organizational
Management, the external object type must also have a corresponding
inverse relationship; you can determine from table T77EO which
external object types have inverse relationships. If field INREL is
flagged, the object type has an inverse relationship in the standard
system.

The key structure of the external object must be of type 'NUMC 8'.
This way, the prerequisite is met to store concrete object IDs for
the object in table T77PR in the 'ID' field. You can determine from
Transaction SE11 which key structures meet this prerequisite.

Example: in structure PKEYS, the relevant data element is defined
with type 'NUMC 8', the external object type 'WS' has this structure
and an inverse relationship and consequently, it can be included in
the structural checks.
***

No comments:

topics