SAP Knowledge Base Article - Public

3430018 - Line Items Missing in General Ledger Reporting Apps after 2402

Symptom

Some line items are not visible in apps such as 'Display Line Item Entry' and 'Display Line Items in General Ledger' after the upgrade to S/4HANA Cloud 2402.

Environment

SAP S/4HANA Cloud

Reproducing the Issue

  1. Open 'Display Line Item Entry'.
  2. Search for an affected journal entry.
  3. See 1 or more line items are not visible despite successfully being posted.

Note: The above example refers to 'Display Line Item Entry' app but the issue may occur in many apps accessing backend tables ACDOCA and BSEG.

Cause

With SAP S/4HANA Cloud 2402 major changes to the authorization checks for access to Universal Journal Entry Items are delivered. This affects many of the apps accessing data from ACDOCA and BSEG.

Resolution

You need to check for the following restriction types in Authorizations in Analytics for Universal Journal as there are changes with CE2402. The authorization checks for these restriction types are now relevant for all authorization contexts:

Name of Restriction Type

Technical Name of Restriction Type

Where to find

Asset Postings: Company Code / Asset Class

A_B_ANLKL

 

Cost Center / Cost Element

KOSTL_KSTAR

 

Account Type

KOART

 

Functional Area

FKBER

General

Order Category / Order Type for Journal Entries

F_BKPF_ORD

 

Sales Area

SALES_AREA

 

Sales Area / Sales Office / Sales Group

SALES_AREA_OFFICE_GROUP

 

Sales Document Type

AUART

General

Segment for Segmental Reporting / Record Type

SEGMENT_GLRRCTY

 

Valuation Area

BWKEY

General

If you want to grant access to all users, choose Unrestricted Access (*). This setting should cover most cases.

In case you do not grant unrestricted access for the following restriction fields in the listed restriction types, you need to explicitly grant access to Journal Entry Items with initial value, if required.

Restriction Type

Restriction Field

Remark

Asset Postings: Company Code / Asset Class

Asset Class

 

Cost Center / Cost Element

Cost Center

 

Financial Account Type

Financial Account Type

Set to unrestricted to get initial values

Order Category / Order Type for Journal Entries

Order Type

 

Sales Area

Sales Organization

 

 

Distribution Channel

 

 

Division

 

Sales Area / Sales Office / Sales Group

Sales Organization

 

 

Distribution Channel

 

 

Division

 

 

Sales Office

Set to unrestricted to get initial values

 

Sales Group

Set to unrestricted to get initial values

Sales Document Type

Sales Document Type

 

Segment for Segmental Reporting / Record Type

Segment

 

Valuation Area

Valuation Area

 

 

If you want users to see line items with an empty restriction type, such as an empty functional area, go to the Ranges tab and choose Add. Enter a pair of single quotation marks (ASCII code alt + 39). It doesn't matter whether there is a space between them (' ') or not (''). Choose Add and then Close.

Do NOT use double quotation marks " (ASCII code alt + 34)

For example:

  • A journal entry is posted with 2 line items. The Cost Center on line item 1 is filled as 'ABC', and Cost Center is Initial (empty) on line item 2.
  • User A has restriction type Cost Center maintained as 'Unrestricted'. They can view both line items.
  • User B has restriction type Cost Center maintained as 'ABC', ' '. They can view both line items.
  • User C has restriction type Cost Center maintained as 'ABC'. They can only view line item 1.

Detailed Examples

If business users shall have access to line items with initial values (for example, empty cost centers), you need to add the value ''. That is, you need to enter a pair of single quotation marks (ASCII code alt + 39). It doesn't matter whether there is a space between them (' ') or not (''). 

This needs to be done for the restriction field in the respective restriction type in the following way:

Asset Postings: Company Code / Asset Class: In case restriction field Asset Class is not maintained with unrestricted access (* asterisk), you need to add the value '' to the list of asset classes the business role has been granted access for. This needs to be done for all company codes the user has been granted access to.

Example:

Asset Class: ANLCL1, ANLCL2, ANLCL3
Company Code: 1000
Asset Class: ANLCL1, ANLCL2
Company Code: 2000

To grant access for initial values this needs to be changed to:

Asset Class: ANLCL1, ANLCL2, ANLCL3, ''
Company Code: 1000
Asset Class: ANLCL1, ANLCL2, ''
Company Code: 2000

Company Code / Profit Center / Cost Element: In case restriction field Profit Center is not maintained with unrestricted access (* asterisk), you need to add the value '' to the list of profit centers the business role has been granted access for. This needs to be done for all company codes the user has been granted access to.

Example:

Company Code: 1000
Profit Center: PC01, PC02
Cost Element: *
Company Code: 2000
Profit Center: PC01, PC02
Cost Element: 1000000 to 1500000, 2000000 to 2500000

To grant access for initial values this needs to be changed to:

Company Code: 1000
Profit Center: PC01, PC02, ''
Cost Element: *
Company Code: 2000
Profit Center: PC01, PC02, ''
Cost Element: 1000000 to 1500000, 2000000 to 2500000

Cost Center / Cost Element: In case restriction field Cost Center is not maintained with unrestricted access (* asterisk), you need to add the value '' to the list of cost centers the business role has been granted access for.

Cost Center: CC01, CC02
Cost Element: *
Cost Center: CC03, CC04
Cost Element: 1000000 to 1500000, 2000000 to 2500000

To grant access for initial values this needs to be changed to:

Cost Center: CC01, CC02, ''
Cost Element: *
Cost Center: CC03, CC04, ''
Cost Element: 1000000 to 1500000, 2000000 to 2500000

Account Type: In case restriction field Financial Account Type is not maintained with unrestricted access (* asterisk), you need to add the value '' to the list of financial account types the business role has been granted access for.

Example:

Account Type: D

To grant access for initial values this needs to be changed to:

Account Type: D, ''

Order Category / Order Type for Journal Entries: In case restriction field Order Category is not maintained with unrestricted access (* asterisk), but Order Type is maintained with unrestricted access you do not need to add the initial value to Order Type. In case restricted access for Order Type is defined, you need to add the value '' to the list of order types the business role has been granted access for. This applies in case unrestricted access (* asterisk) has been granted for Order Category as well as in case restricted access has been granted for Order Category. In case restricted access has been granted for the field Order Category this needs to be done for all order categories the user has been granted access to.

Example:

Order Category: *
Order Type: 0001, 0002, 0003
Order Category: 01
Order Type *
Order Category: 05
Order Type: RM01

To grant access for initial values this needs to be changed to:

Order Category: *
Order Type: 0001, 0002, 0003, ''

Order Category: 01
Order Type *
Order Category: 05
Order Type: RM01, ''

Sales Area: In case any of the available restriction fields is not maintained with unrestricted access, you need to add the value '' to the list of restricted restriction fields.

Example:

Sales Organization: 1000
Distribution Channel: *
Division: *
Sales Organization: 1000
Distribution Channel: 00
Division: *

To grant access for initial values this needs to be changed to:

Sales Organization: 1000, ''
Distribution Channel: *
Division: *
Sales Organization: 1000, ''
Distribution Channel: 00, ''
Division: *

Sales Area / Sales Office / Sales Group: For this restriction type the same applies as described for restriction type Sales Area.

Except for the restriction fields Sales Office and Sales Group. For these you need to maintain Unrestricted.


To avoid effects on the restricted values for existing authorizations in case you do not grant unrestricted access to the restriction fields Sales Office and Sales Group, you need to add a new authorization as follows:

Sales Organization: ''

Distribution Channel: ''

Division: ''

Sales Office: *

Sales Group: *

Note that this is only relevant in case you do not use restriction type Sales Area. In case Sales Area is used, restriction type Sales Area / Sales Office / Sales Group is ignored.

Sales Document Type: In case restriction field Sales Document Type is not maintained with unrestricted access, you need to add the value '' to the list of sales document types the business role has been granted access for.

Example:

Sales Document Type: AEBO

To grant access for initial values this needs to be changed to:

Sales Document Type: AEBO, ''

Segment for Segmental Reporting / Record Type: In case restriction field Segment for Segmental Reporting is not maintained with unrestricted access, you need to add the value '' to the list of segments the business role has been granted access for.

Example:

Segment for Segmental Reporting: SEGM_A

To grant access for initial values this needs to be changed to:

Segment for Segmental Reporting: SEGM_A, ''

General - Valuation Area: In case restriction field Valuation Area is not maintained with unrestricted access, you need to add the value '' to the list of valuation areas the business role has been granted access for.

Example:

Valuation Area: 0001

To grant access for initial values this needs to be changed to:

Valuation Area: 0001, ''

General - Functional Area: In case restriction field Valuation Area is not maintained with unrestricted access, you need to add the value '' to the list of valuation areas the business role has been granted access for.

Example:

Functional Area: 0001

To grant access for initial values this needs to be changed to:

Functional Area: 0001, ''

This How to Use 'Maintain Business Roles – Mass Maintenance' to Apply the New Functional Area Restriction Coming with the 2402 Upgrade of SAP S/4HANA Cloud Public Edition blog describes how to maintain the required authorization as mass maintenance.

This blog is done at the example of Functional Area and Unrestricted. You need to apply this process to the restriction type listed in the KBA, as described in the blog for the combinations of access category and restriction type. The only relevant access category is Read. 


See Also

What's New in SAP S/4HANA Cloud 2402 IAM: Authorizations in Analytics for Universal Journal

There are 70 Catalogs listed. Ensure review of same.

Examples of a selection FIORI apps using some of business catalogs referenced in What's New 

Financial Plan Data Report (Cloud)

Sales Orders - Actuals (Cloud)

Cost Centers - Actuals (Cloud)  

Cost Centers - Plan/Actuals (Cloud)
Profit Centers - Actuals (Cloud)

Keywords

Display, line, item, general, ledger, entry, authorization, missing, restrictions, 2402, upgrade, cost, profit, center,  (GENLDGR (General Ledger Accounting), ASSET (Fixed Asset Accounting), OVHDCOST (Cost Accounting – Overhead), SALES (Cost Accounting – Sales), INVTRY (Cost Accounting – Inventory), PRODNCOST (Cost Accounting – Production) , analytics  , KBA , FI-FIO-GL-IS-2CL , Reporting Apps (Public Cloud) , How To

Product

SAP S/4HANA Cloud Public Edition 2402