In this blog, I am going to explain how the SOVN Org Chart application is setup through the AdminConsole.
The AdminConsole is a Graphical User Interface used to set up the application and perform basic configurations.
It is accessed using the URL format:
* Nakisa Org Chart is a web-based application and it is launched from a web browser using the administrator URL above.
Users should refer to the Admin Guide before using the AdminConsole for the first time and should use it as reference when performing configurations.
The default login credentials for the AdminConsole are:
- Username: admin
- Password: admin
* Nakisa recommends securing the AdminConsole by changing the default password for the ‘admin’ user. You can do this in Security Settings >Manage Users> Change password.
Settings are organized into modules that are accessed from the menu panel in the bottom-left corner.
To set up the application we have to look at 3 modules: Security Settings to configure authentication, Data Center to define connections and Org Chart to set up the org chart structure.
To have a clearer view of the AdminConsole interface, here is an image from the Administrator Guide.
Import Nakisa Transport Package and ABAP Add-on into SAP.
The Nakisa Transport Package and ABAP Add-on are available for:
-ECC6 EhP4 & EhP5
-ECC6 (no EhP up to and including EhP3)
-ECC5 and R/3 4.7
* The Nakisa ABAP Add-On serves as the integration layer between Nakisa and the SAP server. It provides the custom function modules that extract organizational structure and data from the SAP system.
The live connection architecture configuration (SAP_Live_2 or SAP_Live_RFC) will be used.
Authentication will be via Logon Forms: this authentication requests the user to enter their SAP logon credentials in order to be authenticated against the SAP backend.
* It is important to note that when Portal integration (SSO) is enabled, the application cannot be accessed unless it is through the Portal.
When using authentication it is possible to use application security roles (Everyone, Executive, Manager, HR, and Assistant). These roles are mapped to SAP users by using the roles that are assigned to user accounts in the SAP backend.
1-Upload the Serial file:
A first message appears saying that the license is expired.
- Click “here”, enter the AdminConsole User name and Password and login.
- Then, browse to the directory where the Serial file is store and upload it- The Serial file is saved to the XML folder in the main application directory.
- Close the browser and load the AdminConsole.
The application reads the Serial file, and is then activated.
* The application cannot be configured until the serial is uploaded. Serial file is requested via OSS using component XX-PART-NKS-LKY and it should be done a few days ahead of configuration.
2- Load and save a build.
- Loading SAP_Live_2 or SAP_Live_RFC.
- Save it.
* It is good practice to save the out of the box configuration build in case you need to set up a new Org Chart configuration. If the existing build becomes corrupted or unusable and you don’t have a back up build, then you might need to redeploy the application again.
3- Setup Authentication
Authentication is needed to protect unauthorized access to data or to allow role mapping.
In Security Settings module, go to User Authentication > Authentication Settings.
- Select Logon Screen, click next.
- In the Credentials section, click next.
- In the Authentication Source, enter:
– Application Server Host: SAP server name
– System Number: SAP system number.
– Client: SAP client number.
- In the Employee Source section, click next
- In the Role Mapping section enter your user name and password, click next
- Press Submit.
* Logon Screen authentication requests the user to enter their SAP logon credentials in order to be authenticated against the SAP backend. Login credentials are transmitted to the server over the HTTP connection using HTTP POST.
Anonymous authentication allows any user to access the application without providing login credentials – this method does not support role mapping and application roles.
4- Add SAP connection string
In the OrgChart module, go to Org Structure > Data Connection.
- Enter the connection string:
ASHOST=<SAP server> SYSNR=<system number> CLIENT=<client>
A user account is entered here if anonymous access is used:
We do it here for convenience because you also have to enter the root OrgUnit ID, but best practice is to do it in the Data Center.
In Data Center module, click on Data Connections:
- Select SAPConnection and click Configure.
- Click the edit button and enter the SAP system details in the same format as mention above.
- If Anonymous authentication is used then also add the SAP user account to the end of the connection string.
- Press Submit
* Do not add username and password in the SAP connection string when using Forms Login or SSO because otherwise it only uses that user account.
5- Root OrgUnit ID to Organization Structure orgchart
In the OrgChart module, go to Org Structure > General Settings.
- In the Org chart root value, enter your object ID
(The Object ID of the OrgUnit at the top of the structure in SAP)
- Position Hierarchy OrgChart: add root position Id or disable it if S A 002 S isn’t maintained in the client system.
- Press Submit
* If you need to change your root value you can do it here by entering your new object ID.
6- Save and Publish
After this entire configuration is complete, return to the main screen and click save. Once the configuration build has saved click Publish.
* Publish: put the configuration into the runtime folders.
I have to thank Luke Marson (My Nakisa and SAP mentor at Gavdi) who has inspired and helped me with my very first blog.