Skip to Content
Author's profile photo Stephen Burr

How to setup SOVN OrgAudit application

This blog details how to complete the setup of the SAP Org Visualization by Nakisa OrgAudit module. For similar information on SOVN OrgChart then see the blog “How to set up SOVN OrgChart application” by Mercedes Martin.

Once you’ve followed the deployment steps (see “VSN40_Deployment_En.pdf”), then it is time to start configuring the application in your environment.

This is the bare minimum configuration required to get the “out of the box” application up and running. If you can’t follow a particular step, consult the Admin guide (for OrgAudit 4.0 it is called “OrgAudit_VSN40_Admin_En.pdf”).  I have assumed the use of Plan Version 01.

*** Please do not consider this a template for implementing, as you should consider your own requirements. ***

Loading the Default Build

The default path to the AdminConsole is:

and as per all other SOVN (and STVN) applications, the default login is admin / admin.  If this is the first time the application has been accessed then you will be told your “licence has expired”.  If you don’t see this message, skip the next paragraph.
If you do, read the full message carefully then you’ll see there is a link at the end of the text which you need to click to upload your serial file.  Follow the instructions on screen including closing your browser when prompted.  Once you have installed the licence and logged back into the AdminConsole, then you will see a list of builds.

From the list of builds, select and Load initial default build (Oracle, SQL Server or DB2) based on your chosen database.

Use “Save as…” button to create a copy by specifying your own build name.  This will ensure the default build supplied is untouched; a useful reference.  Since we are using the standard build, I tend to name these “client_OOTB_DEV” (with the client’s name in the build name).
AdminConsole - Front screen.PNG

Data Connections

Use Data Center to configure (and test!) the Data Connections for each of the following data connections:
AdminConsole - DataConnections.PNG
  • DestinationConnection
    • Set the RDBMS connection to the database you have set up for the purpose of holding OrgAudit application data. 
    • The username used to access the RDBMS system must have read/write/create/drop object rights to this database.  See the OrgAudit Admin guide for more details.

  • SAPRoleMappingConnection and SAPExtractorConnection

    • SAP connection in format:

      SYSNR=xx CLIENT=xxx USER=username PASSWD=password

    • The username and password are of a system account in SAP with at least the permissions detailed on p14 (“Authorization Objects”) of the OrgAudit Admin guide (“OrgAudit_VSN40_Admin_En.pdf”).

Submit your changes and then Save your build changes.



The out of the box authentication method is “Anonymous”, meaning anyone with access to the URL will have access to the application.  For the purpose of this exercise you don’t need to change it, but I will list how to change it to a Login screen and I recommend you consider which authentication method suits you best when implementing.

Use the Security Settings section to configure authentication.  Go to User Authentication > Authentication Settings.

For simplicity, start by using the “Logon Screen” option (meaning the user will have to enter a valid SAP username and password to enter).

  • Select Logon Screen, click Next
  • For Credentials, just click Next
  • In the Authentication
    section, enter the information requested based on the SAP system you will authenticate against and click Next.
  • For Employee
    , just click Next.
  • In the Role
    section you should see the connection details you’ve already set up (as it uses SAPRoleMappingConnection), so just click Next (feel free to use Test Connection to double check!)
  • Press Submit

Click Save to save your build changes.


Again, for simplicity, let’s make the HR role the default so we are assigned this when we come to test. In the Security Settings module, select Define Roles (below Roles). Then click Edit Roles.  In the drop down, Select Role select ROLE_EXECUTIVE (or ROLE_HR as they are identical) and click Set as Default.

Click Finish, Submit and Save your build.

Note that because OrgAudit is based on staged data, any SAP structural authorization will not apply to the structure.  This means all users will see the entire organizational structure, including error details for all org units.  OrgAudit is intended for managers, HR and executives – not for general employees.

Extracting Data

The extraction process needs some basic configuration to specify the root id of your organisation as this is used in the extraction.

Click Configure Staging module, then Configure SAPExtractor. In the first section, test the (SAP) connection, click Next, then test the (DB) connection and click Next until the Keywords section.  Set the OrgUnitRoot as required (normally the same as you set for the Org Unit hierarchy in the previous section).

Click Finish, Submit and Save your build change.

Extract Data

This retrieves all the data to visualise the organisational structure and its objects (org units, positions and employees).  It is very similar to configuring staging in OrgChart but unlike OrgChart, there is no analytics generation step … analytics related to the audit data are available in the application, but are calculated later in the process.

AdminConsole - Staged Extraction.PNG
Click Configure Staging module, then Start Data Extraction.  Ensure both check boxes are checked and run extract by clicking Start Extraction.  This will take a while to run depending on your organisation’s size.  Wait for it to complete before proceeding.

Personally, I recommend checking the CDS log for any errors at this stage (this blog post is a good reference for how you could use a script to do that).

Set Root Ids

The Org and Position hierarchies require configuration of the root. For simplicity we will specify a specific root id (object id from SAP). Use SAP transaction PPOSE to locate and confirm these root object ids in your system.

In the Audit View module, click on Org Unit (below Organization Structure).  Click on General Settings section and in the Org chart root value field enter your root org unit ID.  Click Finish, then Submit.

Still in the Audit View module, click on Position Hierarchy (below Position Org Chart).  Repeat the process above to specify the root of this structure (a position id).  If you don’t maintain S 002 S relationships, then you can disable this hierarchy in the Enable/Disable section found when you click on the Position Org Chart.

Click Finish, and then Submit.  Click Save to save your build changes.


Configure Audit

Next we need to create the database structure to hold the rules and errors in the application database.

To do this, click Configure Audit module then Configure Audit (below ErrorExtractor Settings).  By all means test your (SAP) connection but then click Next.

In the Destination section, click Recreate Database Structure button (note we are only doing this because it is the first time of setting up the application).  In the pop up message, confirm with Yes.  A confirmation message (not that big, but just above the connection input boxes) appears on screen.  Click Finish, and then Submit

Add Rules

This is the configuration of the rules applied to data and then the running of the audit steps (to apply the configured rules and produce any errors).

Click Configure Audit module, then Add Rules (below ErrorExtractor Settings).  For each rule template you intend to use, you need to select it (one at a time), and click through this wizard to configure it.
Note: If you wish to use all rule templates you can use the button “Delete Audit & Reapply Rules” at the bottom of the screen where you just recreated the database structure.

For simplicity (and I don’t recommend this long term), let’s configure 1 rule (repeat for others if you wish).  Check the second rule (“Age Incorrect”) in the list of template rules and click Next.

Modify the rule (click icon to left of the row) and change the “Rule Weightage” from 6 to 100 (since we will only have 1 rule for now, we have to put 100%, as the active rules for each group must sum to 100%). Click Next.  Click Finish.  Click Submit.

Click Save to save your build changes.
AdminConsole - Audit Extraction.PNG
Click Start Error Extraction module and ensure the first 2 check boxes are checked.  Now click Start Extraction. This extracts and formats further data related to the rules.
Once complete, click Close and then Run Audit to start the final step.  When this has finished you will get a pop up dialogue box.  You can optionally press Preview Audit to see a PDF of the results.  Then click Save Audit.  Don’t be alarmed when you do this, as this does some additional processing steps.

When this completes, click Close, then click Save & Publish current build… and Publish your build.

Publishing does the usual save of your configuration, followed by “publishing” (copying) of the build to the runtime directories, but then it also re-runs the “joinConfiguration.xml” from the “Audit – Join” step.

Close the browser once published and open a new one to try it out!  The application will be accessible via:

Obviously give it a full test but as a 2 min quick sense check, I would suggest testing:

  • Is each hierarchy visible?
  • Click on different types of node (OU, Position, etc.) to view the detail panels.
  • In the Audit Runs listing, can you see 1 result for the audit run you’ve just completed?
  • Does the analytics dashboard display?
  • Does a selection of listings return results?

Post Set Up

You now have an OOTB (out of the box) build setup.  This is always a great reference in case of any product issues. 

So, I suggest that when you start to configure the application further you use “Save as…” again to create a new build version and configure from there.  You can also use the “Export Changes” button in the AdminConsole to export your build to a ZIP file and store it in your project directory as a backup.


You have now configured the basic set up of OrgAudit and can use all the features and functions it offers to visualise and manage data errors.  For more detail on some of the technical aspects of implementing OrgAudit then see this blog post which is part of a series about OrgAudit which started here.

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Luke Marson
      Luke Marson

      Hi Stephen,

      A nice and clear set of instructions that even a beginner should be able to follow. Along with the Admin Guide, this should help anyone get the application up and running.

      Best regards,


      Author's profile photo Yatin joshi
      Yatin joshi

      Hi Stephen,


      I liked all your blogs and followed most of them, I am currently doing the NAKISA implementation version 4.3 SP3 - Can you confirm if its possible to implement the orgAudit without staging database ? Also do you have any blog or document on how to implement Team Manager?