나는 삽질중이다.

전기기간 어쩌구 저쩌구 나오면서 전기가 안된다고 할때는 OB52에서 전기기간 설정내용을 봐라.
시작기간과 종료기간안에 들어가 있어야지 전기가 된다.
제일끝에 Augr은 F_BKPF_BUF authorization object에 의해서 컨트롤 된다. (넣으면 저 권한가진 사람만 전기됨)

Use

A posting period can be made available to only a limited set of users
using the authorization group.

Procedure

If only a limited set of users is to be able to post in a particular
posting period, proceed as follows:

o Add the posting period authorization (authorization object
F_BKPF_BUP) to the authorizations of the selected users. Assign an
authorization group (e.g. '0001').

o Enter the account type '+' for the posting period variant to which
the restriction is to apply. Enter the period(s) whose use is to be
restricted in the first period, those which are available to all
users in the second period, and the authorization group (e.g.
'0001') in the last column.

What we have done at our company is that we have created a role with only the auth object F_BKPF_BUP in the auth profile with value 0002 and assigned this to the composite roles of users who require this access.
All other roles that have this same object, it has been set to the value 0001. This holds the risk that with mass generation, this setting is overwritten.
What you can do to restrict this, is change the standard setting in SU24 to include 0001 instead of *. This way, you limit the risk and only have to monitor one role.

SU01에서 Parameter(매개변수) Tab의 의미

In SU01, what does the tab Parameter mean?

Parameter has fields that a user wants to get auto filled when he open some Tcode.
This field can be filled with proposed values from SAP memory using a parameter ID.
For example, if a user only has authorization for company code 300 and
he wants the company code field to be auto-filled in every transaction. For this,
a parameter is defined in the parameter ID column. Fields that refer to the data
element are automatically filled with the value 300 in all subsequent screen templates.

원문 :

When initiating a transaction, a system program performs a series of checks to ensure that the user is authorized.

1. The program checks whether the transaction code exists in table TSTC.

2. The program checks whether the transaction code is locked by the administrator (transaction code SM01).

3. The program checks whether the user has the authority to start the transaction. Authorization object S_TCODE (transaction start) contains the
authorization field TCD (transaction code). The user must have the appropriate authorization for the transaction code to be started (for example, FK01, Create Vendor).

4. The program checks whether an authorization object is assigned to the transaction code. If this is the case, the program checks whether the user has an authorization for this authorization object. The transaction code/authorization object assignment is stored in table TSTCA.

5. The system performs authorization checks in the ABAP program using the ABAP statement Authority-Check.

Note: An SAP program controls steps 1-4. It displays an automatic message to the user if an authorization attempt fails in the step.

한글 :
SAP Program이 실행될때 확인하는 순서
1. TSTC Table에 Tcode가 있는지 확인
2. Transaction이 막혀있는지 확인 (SM01)
3. 권한 점검 (S_TCODE, TCD등등)
4. 해당 권한 object가 있는지 확인 (TSTCA Table에 저장되어 있음)
5. 프로그램은 ABAP구문에서 Authority-Check라는 걸로 체크함

Note : SAP Program은 1-4까지로 권한 체그함.