However, I also need to give them access to one cost element across all cost centers. This seems to negate the restrictions in the above role. How can I fix this?
In the other authorization object, enter an * in the cost center field and the single cost element in the cost element field. SAP authorizations are never aggregated to determine whether a user can access data or not. They are tested one at a time using or logic. Just think of a key chain and that ever key in the key chain is tested in the lock one at a time.
This was first published in March 2010