Foundation 1.1 Administrator Guide Version A

Thermo Foundation Version 1.1

Administrator Guide

XCALI-97328 Revision A May 2011

http://www.surveymonkey.com/s.aspx?sm=R7gKOvhLXn3NTkpK2BefHQ_3d_3d

© 2011 Thermo Fisher Scientific Inc. All rights reserved.

Xcalibur, Surveyor, LTQ, and Accela are registered trademarks, and LCQ, BioWorks, and LCquan are trademarks of Thermo Fisher Scientific Inc. in the United States.

The following are registered trademarks in the United States and other countries: Microsoft, Windows, Windows Vista, Access, and Excel are registered trademarks of Microsoft Corporation. Adobe, Acrobat, and Acrobat Reader are registered trademarks of Adobe Systems Incorporated.

Agilent is a registered trademark of Agilent Technologies, Inc. in the United States and possibly other countries.

Waters is a registered trademark of the Waters Corporation in the United States.

All other trademarks are the property of Thermo Fisher Scientific Inc. and its subsidiaries.

Thermo Fisher Scientific Inc. provides this document to its customers with a product purchase to use in the
product operation. This document is copyright protected and any reproduction of the whole or any part of this document is strictly prohibited, except with the written authorization of Thermo Fisher Scientific Inc.
The contents of this document are subject to change without notice. All technical information in this document is for reference purposes only. System configurations and specifications in this document supersede all previous information received by the purchaser.

Thermo Fisher Scientific Inc. makes no representations that this document is complete, accurate or error-free and assumes no responsibility and will not be liable for any errors, omissions, damage or loss that might result from any use of this document, even if the information in the document is followed properly.

This document is not part of any sales contract between Thermo Fisher Scientific Inc. and a purchaser. This document shall in no way govern or modify any Terms and Conditions of Sale, which Terms and Conditions of Sale shall govern all conflicting information between the two documents.

Release history: Revision A, May 2011

Software version: Thermo Foundation 1.1

For Research Use Only. Not for use in diagnostic procedures.

C

Contents

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viiAbout This Guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viiRelation Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .viiiSpecial Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .viiiContacting Us . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .viii

Chapter 1 Using the Thermo Foundation Auditing Database Configuration Manager . . . . .1

Chapter 2 Establishing Secure File Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5Turning Off Fast User Switching for Local Workstations . . . . . . . . . . . . . . . . . . 5Confirming the Properties of Thermo Foundation DatabaseService . . . . . . . . . . 7Configuring Security Settings for Folders and Files . . . . . . . . . . . . . . . . . . . . . . 10

Working with Accounts Set Up by the Foundation Application . . . . . . . . . . 11Adding Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Removing Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15Setting Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15Setting Permissions for Foundation Application Folders . . . . . . . . . . . . . . . . 18Sequential User Logon and Automatic Logoff . . . . . . . . . . . . . . . . . . . . . . . . 22

Configuring Security Settings for the Database Registry Key . . . . . . . . . . . . . . . 23Removing and Archiving Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Chapter 3 Defining Secure User Groups and Adding Users . . . . . . . . . . . . . . . . . . . . . . . . . .29Planning User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30Using the Thermo Foundation Authorization Manager. . . . . . . . . . . . . . . . . . . 30

Defining User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Editing User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33Setting Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Setting the Permission Levels for an Individual Feature . . . . . . . . . . . . . . . 34Setting All Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36Inheriting Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36Exporting and Importing Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Specifying Predefined Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37Viewing the Authorization Manager History Log . . . . . . . . . . . . . . . . . . . . . . . 38Printing the Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38Saving the Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Thermo Scientific Thermo Foundation Administrator Guide iii

Contents

Chapter 4 Using the Thermo Foundation CRC Validator. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39Checking Files with the Thermo Foundation CRC Validator . . . . . . . . . . . . . . 40Selecting Files Using Database Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41Selecting Files Using a Pattern. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Chapter 5 Auditing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45Accessing the Auditing and Workbook Databases . . . . . . . . . . . . . . . . . . . . . . . 45

Accessing the Global Auditing Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46Accessing the Application Workbook Database . . . . . . . . . . . . . . . . . . . . . . . 46

Viewing Audit Viewer Pages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48Filtering Audit Viewer Entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49Sorting Audit Viewer Entries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50Printing Audit Viewer Entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Printing the Audit Trail for the Global Auditing Database . . . . . . . . . . . . . . 51Printing the Audit Trail for an Application Workbook Database. . . . . . . . . . 51

Appendix A Installing an Oracle Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53Installing the Oracle Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54Installing the Oracle Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Appendix B System Administration Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71Thermo Foundation Administrator Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Instrument Configuration Dialog Box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72Out of Date Instrument Drivers Detected Dialog Box . . . . . . . . . . . . . . . . . 73Thermo File Converter Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74Library Manager Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Convert Libraries Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78Manage Libraries Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

Thermo Foundation Audit Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81All Page, Audit Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82History Page, Audit Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83Event Page, Audit Viewer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84File Tracking Page, Audit Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85Instrument Error Page, Audit Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86Sort Entries Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Print Options Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Filter Entries Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

Thermo Foundation Auditing Database Configuration Manager . . . . . . . . . 89Thermo Foundation Authorization Manager. . . . . . . . . . . . . . . . . . . . . . . . . 91

Choose Secure Group Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102Create Private Group and Edit User List Of Private Group Dialog Boxes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102Comment List Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

iv Thermo Foundation Administrator Guide Thermo Scientific

Contents

Users In Group Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103New Comment Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

Thermo Foundation CRC Validator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107

Thermo Scientific Thermo Foundation Administrator Guide v

P

Preface

The Thermo Foundation Administrator Guide describes how to provide system administration for standard system operation using the Thermo Foundation™ mass spectrometry data system. For information on how to use tools in the Foundation data system to support compliance with the Electronic Records and Electronic Signatures Rule, published by the United States Food and Drug Administration as 21 CFR Part 11, refer to the Thermo Xcalibur LCquan Administrator Guide.

To provide us with comments about this document, click the link below. Thank you in advance for your help.

About This GuideThis guide has the following topics:

• Using the Thermo Foundation Auditing Database Configuration Manager

• Establishing Secure File Operations

• Defining Secure User Groups and Adding Users

• Using the Thermo Foundation CRC Validator

• Auditing

• Installing an Oracle Database

• System Administration Reference

Contents

• About This Guide

• Relation Documentation

• Special Notices

• Contacting Us

Thermo Scientific Thermo Foundation Administrator Guide vii

http://www.surveymonkey.com/s/PQM6P62

PrefaceRelation Documentation

Relation DocumentationYou will also find the information covered in this user guide in a Help system that comes with the Thermo Foundation software.

Thermo Foundation includes Help in HTML format and the Thermo Foundation Administrator Guide as a PDF file.

To view product manuals

Go to Start > All Programs > Thermo Foundation 1.1 > Manuals.

Special NoticesMake sure you follow the precautionary statements presented in this guide. The special notices appear in boxes.

Special notices include the following:

Contacting UsThere are several ways to contact Thermo Fisher Scientific for the information you need.

To contact Technical Support

Find software updates and utilities to download at mssupport.thermo.com.

IMPORTANT Highlights information necessary to prevent damage to software, loss of data, or invalid test results; or might contain information that is critical for optimal performance of the system.

Note Highlights information of general interest.

Tip Highlights helpful information that can make a task easier.

Phone 800-532-4752

Fax 561-688-8736

E-mail [email protected]

Knowledge base www.thermokb.com

viii Thermo Foundation Administrator Guide Thermo Scientific

mailto:[email protected]

http://www.thermokb.com

http://mssupport.thermo.com

PrefaceContacting Us

To contact Customer Service for ordering information

To get local contact information for sales or service

Go to www.thermoscientific.com/wps/portal/ts/contactus.

To copy manuals from the Internet

Go to mssupport.thermo.com, agree to the Terms and Conditions, and then click Customer Manuals in the left margin of the window.

To suggest changes to documentation or to Help

• Fill out a reader survey online at www.surveymonkey.com/s/PQM6P62.

• Send an e-mail message to the Technical Publications Editor at [email protected].

Phone 800-532-4752

Fax 561-688-8731

E-mail [email protected]

Web site www.thermo.com/ms

Thermo Scientific Thermo Foundation Administrator Guide ix


http://www.thermo.com/ms

www.thermoscientific.com/wps/portal/ts/contactus

http://mssupport.thermo.com

http://www.surveymonkey.com/s/PQM6P62


1

Using the Thermo Foundation Auditing Database Configuration Manager

This chapter describes how to use the Thermo Foundation Auditing Database Configuration Manager to configure your database. The database keeps a record of auditable events and changes made to files that a Thermo Foundation application either creates or manages.

Use the Thermo Foundation Auditing Database Configuration Manager to configure either a Microsoft Access™ database on your local computer or an Oracle database on a remote computer. To use an Oracle database, confirm completion of these tasks:

• An Oracle database has been installed on an accessible remote server. Consult your Oracle database administrator for more information, or see Appendix A, “Installing an Oracle Database.”

• The Oracle client software has been installed on your local computer. Consult your Oracle database administrator for more information, or see Appendix A, “Installing an Oracle Database.”

• Make sure that you know the User Name, Password, and Oracle Net Service Name of your Oracle database. Obtain this information from your Oracle database administrator.

Thermo Scientific Thermo Foundation Administrator Guide 1

1 Using the Thermo Foundation Auditing Database Configuration Manager

To configure your auditing database using the Thermo Foundation Auditing Database Configuration Manager

1. From the Windows taskbar, choose Start > All Programs > Thermo Foundation 1.1 > Database Configuration. The Thermo Foundation Auditing Database Configuration Manager wizard opens (see Figure 1).

Figure 1. Thermo Foundation Auditing Database Configuration Manager wizard

2. Select the database type in the Select Database Type area:

• When using a Microsoft Access database, select the Microsoft Access option and go to step 4.

• When using an Oracle database, select the Oracle on Network Server option and go to step 3.

3. To use an Oracle database, specify the Oracle database parameters:

a. Type the database user name in the User Name box.

b. Type the database password in the Password box.

c. Select the Oracle Net Service Name for your database in the Oracle Net Service Name list.

IMPORTANT Be sure to use the Oracle user name and password provided by your Oracle database administrator.

2 Thermo Foundation Administrator Guide Thermo Scientific


4. Click Next. The DatabaseConfigManager dialog box opens (see Figure 2).

Figure 2. DatabaseConfigManager dialog box

5. Confirm that the settings are correct and click OK.

The Thermo Foundation Auditing Database Configuration Manager wizard, similar to Figure 3, appears.

Figure 3. Thermo Foundation Auditing Database Configuration Manager wizard, showing restart settings



6. Select a restart option:

• To have the computer restart automatically after you click Finish, select the Restart Computer now option.

• To restart the computer manually at a later time, select the I will restart later option.

7. Click Finish to save your settings and close the Thermo Foundation Auditing Database Configuration Manager wizard.

IMPORTANT The changes you make in the Thermo Foundation Auditing Database Configuration Manager do not take effect until you restart the computer.


2

Establishing Secure File Operations

This chapter describes how to configure the required operating system security settings to make sure the auditing database, Authorization Manager, and other security features of applications installed on Thermo Foundation software operate correctly.

Turning Off Fast User Switching for Local WorkstationsDepending on the operating system, you can switch between users without actually logging off from the computer. This feature, called Fast User Switching, can be turned off so that the current user must log off before another user logs on.

Turning off fast user switching is important because as the system administrator, if you do not turn off fast user switching, two users could log in at the same time, which can cause strange behavior when they try to control their mass spectrometer. The acquisition service can only handle one user logged in at a time. We recommend all labs turn off fast user switching, regardless of whether secure file operations are important to them or not.

To maintain secure file operations, turn off Fast User Switching on all computers that provide this option.

• Windows 7 operating system provides Fast User Switching on all computers.

Contents

• Turning Off Fast User Switching for Local Workstations

• Confirming the Properties of Thermo Foundation DatabaseService

• Configuring Security Settings for Folders and Files

• Configuring Security Settings for the Database Registry Key

• Removing and Archiving Files


2 Establishing Secure File OperationsTurning Off Fast User Switching for Local Workstations

To turn off Fast User Switching

1. From the Windows 7 taskbar, choose Start.

2. In the Run dialog box, type gpedit.msc and press ENTER.

3. In the Local Group Policy Editor window, navigate to the Local Computer Policy\Computer Configuration\Administrative Templates\System\Logon folder (see Figure 4).

Figure 4. Local Group Policy Editor window

4. Double-click Hide Entry Points for Fast User Switching.

5. In the Hide Entry Points for Fast User Switching dialog box, select the Enabled option (see Figure 5).


2 Establishing Secure File OperationsConfirming the Properties of Thermo Foundation DatabaseService

Figure 5. Hide entry points for Fast User Switching dialog box

6. Click Apply, and then click OK.

When a user logs out, the computer automatically shuts down any programs that are running.

Confirming the Properties of Thermo Foundation DatabaseServiceThe authorization and auditing functions of an application installed on the Thermo Foundation application rely on two system services: the Finnigan Security Server and the Thermo Foundation DatabaseService. These services are installed when you install the application software. They automatically start whenever a user restarts a workstation.

The main function of the Finnigan Security Server is user authentication. If certain events require authentication, the Finnigan Security Server verifies the user names and passwords entered.

With the Thermo Foundation DatabaseService, layered applications can access the auditing database and make auditing entries.

Note The Finnigan Security Server is only installed with the Xcalibur application. For information related to Finnigan Security Server, refer to the Thermo Xcalibur Getting Started Guide.



To confirm the properties of Thermo Foundation DatabaseService are set correctly

1. To open the Services window, choose Start > Control Panel > System and Security > Administrative Tools from your computer taskbar, and double-click Services to open the Services window.

2. Right-click Thermo Foundation DatabaseService and choose Properties from the shortcut menu. The Thermo Foundation DatabaseService Properties dialog box opens to the General page (see Figure 6).

Figure 6. General page

3. On the General page, in the Startup Type list, select Automatic.

4. Confirm that Service Status reads Started.

5. Click the Log On tab to display the Log On page (see Figure 7).



Figure 7. Log On page

6. Under Log On As, select the Local System Account option.

7. Clear the Allow Service to Interact with Desktop check box.

8. Click OK to close the dialog box.

9. Close the Services window and close the Administrative Tools window.


2 Establishing Secure File OperationsConfiguring Security Settings for Folders and Files

Configuring Security Settings for Folders and FilesTo confirm the security of your data, restrict access to the folder named INI (located by default in C:\Documents and Settings\All Users\Application Data\Thermo Scientific\) that contains the configuration files. Because the Thermo Foundation Authorization Manager reads the controlled feature information from the configuration files, prohibit access to these files by non-administrators.

Set up specific user group access to folders and files with the NTFS file system (an advanced file system used within the computer operating system). When you set up permissions, specify the level of access for user groups, for example:

• Permit members of one user group to read the contents of a file.

• Permit members of another user group to make changes to the file.

• Prevent members of all other user groups from accessing the file.

New subfolders and files inherit folder permissions automatically. After you set the appropriate permissions, an unauthorized user cannot maliciously or accidentally alter the contents of the folder with utilities such as Windows Explorer.

In the procedures that follow, add an administrative user (or administrative group) and the Everyone group to the Security page Group or User Names list. Grant the administrator full access to the security folder and read-only access to everyone else.

• Working with Accounts Set Up by the Foundation Application

• Adding Users

• Removing Users

• Setting Permissions for Foundation Application Folders

Note The Application Data folder containing the configuration files is hidden by default in Windows. To make it appear, go to Start > Control Panel > Appearance and Personalization > Folder Options > View > Hidden Files and Folders, and select Show Hidden Files and Folders.

Tip When you require more restricted access to folders and files, grant access only to specific user groups. Set up appropriate user groups. See Chapter 3, “Defining Secure User Groups and Adding Users.” Complete the procedures that follow, but use your specific user group, instead of the Everyone group.



Working with Accounts Set Up by the Foundation Application

To support system security, the Foundation application sets up these account names:

If you delete these files, recover them using these actions:

Adding Users

Before setting permission levels for a folder or registry key, you might need to add users and groups to the Groups or User Names list on the Security page.

Xcalibur_System The Foundation application creates this account with administrative privileges. The account name and password are embedded. The account is not interactive. No one ever logs in to this account except the application itself.

IUSR_localPCname

IWAM_localPCname

Installing IIS creates these two accounts. The expression localPCname in the user account name represents the name of your local PC. All accounts appear to interface with Microsoft IIS 5.0 for either starting out of process accounts, using anonymous access, or running .NET objects.

ASPNETASPNET.postgres (user account)

Proteomics Browser also creates two additional accounts upon installation:

Might have been installed by a non-Thermo Scientific application. The layered application ProSight PC uses the Microsoft asp.net network framework and creates a user account.

ProtUserBioWorks 3.2 and later. Created by Proteomics Browser upon installation.

If you deleted this file Action to restore

Xcalibur_System Reinstall the Thermo Foundation software.

IUSR_localPCname

IWAM_localPCname

Reinstall IIS using the instructions in the CD jewel case and the user guide for Bioworks Browser. Apply for the license to be renewed.

ASPNETpostgresProtUser

If installing ProSight PC software causes this file to be installed, then reinstall ProSight PC. If ASPNET was installed by your IT department or another application, then get instructions from the responsible party locally.

Reinstall Proteomics Browser using the instructions in the CD jewel case and the user guide for Bioworks Browser.



To add users and groups

1. Locate the Foundation application folder in Windows Explorer. (The default path is C:\Program Files\Thermo\Foundation.)

2. Right-click the folder with the application name and choose Properties from the shortcut menu. The Foundation Properties dialog box for the folder opens.

3. Click the Security tab to display the Security page (see Figure 8).

Figure 8. Security tab.

4. Click Edit on the Security page of the Properties dialog box. The Permissions for Foundation dialog box opens (see Figure 9).

Note The Security tab is unavailable by default. To make it available, go to Start > Control Panel > Appearance and Personalization > Folder Options > View, and select Use Sharing Wizard.



Figure 9. Permissions for Foundation dialog box

5. Click Add. The Select Users or Groups dialog box opens (see Figure 10).

Figure 10. Select Users or Groups dialog box

6. Confirm that the Select This Object Type box lists the object types that you require (for example, Users, Groups, Built-in Security Principals).

To change the list, click Object Types. The Object Types dialog box opens. Add or remove object types as needed.



7. Confirm that the From This Location box lists the root location that contains your users and groups.

To change where to search, click Locations to open the Locations dialog box and specify a new location.

8. Enter the users or groups in the Enter the Object Names to Select box:

• If the Everyone group was missing from the Group or User Names list on the Security page, type Everyone.

• If the user name of the administrator (or the name of the administrator group) was missing from the Group or User Names list on the Security page, type the appropriate user name or group name.

9. Click Check Names to search for users or groups with the names that you specified in the box.

All similar or matching object names that were found appear underlined in the box (see Figure 11).

Figure 11. Select Users Or Groups dialog box, showing the Everyone group

10. Confirm that only the correct object name or names are listed in the box and click OK to close the dialog box and return to the Properties dialog box.

11. Examine the Group or User Names list on the Security page of the Properties dialog box again.

The Everyone group and the name of the administrator are now available in the list.

• When additional groups or users appear in the Group or User Names list, go to the next topic, Removing Users.

Tip To enter multiple object names at the same time, separate the names with a semicolon.



• If no additional groups or users appear, go to “Setting Permissions” on page 15.

Removing Users

To remove users or groups from the Group or User Names list on the Security page

1. Select the name of the user or group.

2. Click Remove to remove the selected user or group.

3. Repeat these steps to remove any other users or groups.

You are now ready to set the permission levels for your users and groups.

Setting Permissions

After the correct users and groups are in the Group or User Names list on the Security page of the Properties dialog box, set the permissions as follows:

1. On the Security page of the Foundation Properties dialog box, select the administrator (or the administrator group) in the Group or User Names list, and then click Edit (see Figure 12.

Figure 12. Security page in the Foundation Properties dialog box



2. In the Permissions for Foundation dialog box, select the Allow check box for the Full Control option. All of the other check boxes in the Allow column are automatically selected (see Figure 13).

Figure 13. Security page showing the correct administrator settings

3. In the Group or User Names list, select Everyone.

4. In the Permissions for Everyone list, select the Allow check box for the Read option and clear the Allow check box for all other actions in the list.

5. Click OK to close the Permissions for Foundation dialog box and return to the Security page.

6. To confirm that the inheritance setting is correct, on the Security page click Advanced. The Advanced Security Settings dialog box opens (see Figure 14).

Note Groups or users granted Full Control for a folder can delete files and subfolders within that folder regardless of the permissions protecting the files and subfolders.

Note Setting these permissions confirms that you cannot delete any of the files in the folder using Windows Explorer.



Figure 14. Advanced Security Settings dialog box

7. Click Change Permissions. The Permissions page opens (see Figure 15).

Figure 15. Permissions page



8. Clear the Include Inheritable Permissions from This Object’s Parent check box.

The Windows Security dialog box opens (see Figure 16).

Figure 16. Windows Security dialog box

9. Click Add and then OK to close the dialog box and return to the Permissions page.

10. Click OK to return to the Security page.

11. Click OK to close the Foundation Properties dialog box and save the permission assignments.

You have configured the security settings for the security folder.

Setting Permissions for Foundation Application Folders

When you configure a system with multiple users who might work with a Foundation application files or folders that they did not create, make sure these users have access with the necessary permissions. If these permissions are not set correctly, users might not be able to open or modify files created by other users.

In the procedure that follows, add the Everyone group to the Security page in the Group or User Names list, and grant appropriate access to that group.

Tip When you require more restricted access to folders and files, grant access to only specific user groups. Set up appropriate user groups. Complete the procedures that follow, but use specific user groups instead of the Everyone group.



To set permissions for Foundation application folders

1. Locate the application folder in Windows Explorer. (The default path is C:\Program Files\Thermo\Foundation.)

2. Right-click the application folder and choose Properties from the shortcut menu to open the Properties dialog box for the folder.

3. Click the Security tab to display the Security page (see Figure 17).

Figure 17. Security page

4. Click Advanced.

The Advanced Security Settings for Foundation dialog box for the application folder opens (see Figure 18).



Figure 18. Advanced Security Settings for Foundation dialog box

5. Click Change Permissions to open the Permissions page (see Figure 19).

Figure 19. Permissions page



6. Clear the Include Inheritable Permissions from This Object’s Parent check box.

The Windows Security dialog box opens (see Figure 20).


7. Click Add to copy the inherited permissions to the new folder.

The Windows Security dialog box closes. Click OK to close the Advanced Security Settings dialog box.

Correct the permission settings later. (See “Setting Permissions” on page 15.)

8. Make sure that the Everyone group appears in the Group or User Names list in the Properties dialog box. If it does not appear in the list, add it. (See “Adding Users” on page 11.)

9. Select Users in the Group or User Names list.

10. Confirm that the Allow check boxes are selected for the following settings:

• Modify (This setting allows the user to delete by default. To turn off delete, you must configure the advanced permissions.)

• Read and Execute

• List Folder Contents

• Read

• Write

11. To save the permission assignments, click OK. The Properties dialog box closes.

12. Repeat steps 1 to 10 for any additional folders not in the application folder hierarchy that you use to store the application data.



Sequential User Logon and Automatic Logoff

Use the Sequential User Logon feature to allow a user to log on to a workstation, start data acquisition, and then log off while the system continues to acquire the data. A subsequent user can log on to the workstation, queue acquisition sequences, and process data while the acquisition that the first user started continues.

To enable or disable Automatic Logoff

1. Choose Start > All Programs > Thermo Foundation 1.1 > AutoLogoff. The Thermo Foundation Automatic Logoff Setup dialog box appears (see Figure 21).

Figure 21. Automatic Logoff Setup dialog box

2. Do one of the following:

• To turn on the feature, select the Enable check box. Type a value (1–1000) in the Auto logoff time (minutes) box to specify how long the system waits before logging off the current user.

• To turn off the feature, clear the Enable check box.

3. Click OK.

Note By default, Automatic Logoff is disabled (the Enable check box is cleared).

IMPORTANT For the Foundation application system running on the Windows 7 operating system, provide the following instruction to your users after you turn on AutoLogoff:

Each time a user logs on, The Windows 7 operating system prompts the user for permission to run AutoLogoff in the background. The user must choose Allow every time. Add this instruction to your standard operating procedures.

Note If the Windows 7 screen saver is set to display on the computer at an earlier time than the Auto Logoff time, the automatic logoff still occurs at the specified time, even though the user cannot see evidence of the logoff because the screen saver is active.


2 Establishing Secure File OperationsConfiguring Security Settings for the Database Registry Key

Configuring Security Settings for the Database Registry KeyAs the administrator, when you run the Database Configuration tool for the first time, the tool creates a registry key for the computer that stores information about the database. To confirm the security of the auditing database, the security settings for this registry key must be set so that only the workstation administrator can make changes to the key.

To configure the security settings for the database registry key

1. From the Windows 7 taskbar, choose Start.

2. Type regedit in the Run dialog box and press ENTER to open the Registry Editor window (see Figure 22).

Figure 22. Registry Editor window, showing CFR_Database key selected

3. Navigate to the Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Thermo Scientific\Foundation\Auditing\CFR_Database folder in the left pane of the Registry Editor window.

4. Right-click the CFR_Database folder and choose Permissions from the shortcut menu.

The Permissions for CFR_Database dialog box for this registry key opens (see Figure 23).



Figure 23. Permissions for CFR_Database dialog box



5. Click Advanced to open the Advanced Security Settings for CFR Database dialog box (see Figure 24).

Figure 24. Advanced Security Settings for CFR Database dialog box

6. Clear the Include Inheritable Permissions from This Object’s Parent check box. The Windows Security dialog box opens (see Figure 25).


7. To copy the inherited permissions to the CFR_Database registry key, click Add. Click OK to close the Advanced Security Settings for CFR_Database dialog box.



8. Examine the Group or User Names list in the Foundation Properties dialog box and note that only the name of the administrator (or the administrator group) and the Everyone group appear in this list.

• If the administrator (or the administrator group) does not appear in the list, add it. (See “Adding Users” on page 11.)

• If the Everyone group does not appear in the list, add it. (See “Adding Users” on page 11.)

• If other users or groups appear in the list, remove them. (See “Removing Users” on page 15.)

9. To set the permissions for the registry key, select the administrator (or the administrator group) in the Group or User Names list.

10. In the Permissions for Administrators list, select the Allow check box for the Full Control option.

The Read check box in the Allow column is automatically selected (see Figure 26).

Figure 26. Permissions for CFR_Database dialog box, showing permission settings for the Administrators group


2 Establishing Secure File OperationsRemoving and Archiving Files

11. Select Everyone in the Group or User Name list.

12. In the Permissions list, select the Allow check box for the Read option. Clear the Allow check box for all other actions in the list.

13. To save the permission settings, click OK.

The Permissions dialog box closes.

14. Choose File > Exit to close the Registry Editor.

Removing and Archiving FilesTo archive files, use third-party software designed for this purpose. In addition, develop and implement standard operating procedures for archiving files and security procedures to protect the archived data.


3

Defining Secure User Groups and Adding Users

To control access to certain features of the Thermo Foundation application, define secure user groups and grant these groups appropriate permission levels. By design, every member of a secure user group holds the same rights and permissions. Use the Thermo Foundation Authorization Manager to create new groups and define permission levels.

After you define secure user groups and set permission levels, only those users who are in a secure user group can access the application. All others are prohibited access.

Contents

• Planning User Groups

• Using the Thermo Foundation Authorization Manager


3 Defining Secure User Groups and Adding UsersPlanning User Groups

Planning User Groups Before you begin, decide how many user groups you require or, if more appropriate, how many levels of access to grant to your users. For example, consider a laboratory where both scientists and technicians work. The standard operating procedures for this laboratory state that technicians cannot perform certain operations with the software in contrast to scientists who have no restrictions. In this case, if you are the laboratory administrator, you must create at least two user groups—one for technicians and one for scientists.

There is no limit to the number of user groups defined. For simplicity, if all users are to have the same privileges, define a single user group.

A user group can be either a preexisting Windows domain logon group or a private group:

• The domain administrator must create and manage Windows domain logon groups. For help with domain logon groups, contact your domain administrator.

• The workstation administrator can create and manage private groups. However, before the administrator can add a user to a private group, the user must be a member of a domain group. If an intended user is not a user on the domain, grant a domain account for that person. Contact your domain administrator for help in completing this task.

A single user can belong to more than one user group. If the groups have different permission levels, the most lenient permission level applies to the user.

Using the Thermo Foundation Authorization ManagerProcedures for using the Thermo Foundation Authorization Manager follow:

• Defining User Groups

• Editing User Groups

• Setting Permissions

• Specifying Predefined Comments

• Viewing the Authorization Manager History Log

• Printing the Security Settings

• Saving the Security Settings

IMPORTANT As a precaution, define at least one user group. If no user groups are configured in the Authorization Manager, access to controlled features is unrestricted.

Note Shut down all applications before running the Authorization Manager. Otherwise, if you make changes to permissions for an application when the application is open, the changes might not take effect until you exit and restart the program.


3 Defining Secure User Groups and Adding UsersUsing the Thermo Foundation Authorization Manager

Defining User Groups

To define user groups

1. From your computer taskbar, choose Start > All Programs > Thermo Foundation 1.1 > Authorization Manager. The Thermo Foundation Authorization Manager opens (see Figure 27).

Figure 27. Thermo Foundation Authorization Manager

2. Select the appropriate Available Groups option to specify the type of user group:

• To use preexisting Windows logon groups, select the Domain/Workstation option. Contact your domain administrator to create or change logon groups.

Continue with step 3.

• To use (or to create) a local user group, select the Private option. The administrator of the workstation can create private groups.

Skip to step 4.



3. To define secure domain/workstation logon groups, select a group in the Available Groups list to define as a secure group and click . The group appears in the Secure Groups box.

To define more groups as secure, repeat this process. When you have created all needed groups, go to the next procedure “Editing User Groups” on page 33.

4. To define secure private groups, click Create in the Secure Groups area. The Create Private Group dialog box opens (see Figure 28).

Figure 28. Create Private Group dialog box, showing two users in the new private group, Xcal Users

5. Type a name for the group in the Group Name box.

6. Select a domain in the System group list. The application displays the domain user accounts in the Users in system group box.

7. Select a user account and click Add to add it to the new private group. The user account appears in the Users in Private group box.

8. To add users in other domains to the private group, repeat steps 6 and 7. Otherwise, click OK. The new private group appears in the Secure Groups box.

9. To create additional private groups, repeat steps 4 to 8. If you have created all needed private groups, continue with the next procedure.



Editing User Groups

After defining a secure user group, you can view and (for private groups only) change the members of the group. To do this, right-click the user group in the Secure Groups box and select Members from the shortcut menu.

• If the group is a private group, the Edit user list of private group dialog box opens. Add or remove names from the user group by using the arrow keys.

• If the group is a domain/workstation logon group, the Modify users in group dialog box opens. Because membership in these groups is controlled by the domain administrator, the lists in the Modify users in group dialog box are read-only. (To make changes to domain/workstation logon groups, see your domain administrator.)

Setting Permissions

For each secure user group, set the permission levels in the Permission Level area for certain features in the software application.

The available permission levels are listed in Table 1. All new secure user groups, whether domain/workstation groups or private groups, have all features set to Disallowed.

Table 1. Permission levels and descriptions

Permission level Description

Disallowed Not permitted. Specify whether the user interface control for the disallowed operation is hidden or grayed out.

Signature List To perform the desired action, enter the names and passwords of everyone on the signature list.

A series of dialog boxes (one for each signature) appear when a user attempts to perform this action in the software application.

Supervisor Password To perform the desired action, enter the supervisor name and password.

A dialog box for the supervisor signature opens when a user attempts to perform this action in the software application.

Password To perform the desired action, enter the user password.

A dialog box for the user password opens when a user attempts to perform this action in the software application.

Allowed No restrictions.



Set permission levels in the following ways:

• Setting the Permission Levels for an Individual Feature

• Setting All Permissions

• Inheriting Permissions

• Exporting and Importing Permissions

Setting the Permission Levels for an Individual Feature

To change the permission level of an individual feature

1. Select a user group in the Secure Groups box.

2. Select the name of your software application from the list in the lower left of the Authorization Manager.

3. Click Expand Tree to show the entire list of controlled features for the application.

4. From the list, select the feature whose permission level you want to change.

5. Select one of the Permission Level options:

• Disallowed

• Signature List

• Supervisor Password

• Password Required

• Allowed

6. If you selected Disallowed, specify the appearance of the user interface control in the Disallowed State area:

• If you do not want the user interface control to appear at all, select the Hidden option.

• To gray out the user interface control, select the Grayed option.

Note You can set permissions only for individual features, not subgroups. After selecting a feature, the Permission Level options are active. If they are unavailable, you probably selected a subgroup, not a feature.

Tip To define the permission level of a feature, right-click the feature and select the permission level from the shortcut menu.




7. For Permission Level, if you selected Signature List, use the Signature List Groups area to define the signature list groups:

a. Select a user group in the Available groups box and click . The group appears in the Signature required box.

b. Add other groups to the signature list in the same manner as needed.

c. To require that the current user of the software application be placed on the signature list, select the Current User Must Sign check box.

d. If you must rearrange the order of the groups in the signature list, select a group and click Up or Down in the Move Group area.

8. To permit the user to enter a comment after performing an action, select the Comment check box under Other requirements. (This option is available for all permission settings, except Disallowed.)

After the user enters a comment, it appears in the audit log for the software application.

9. Set the permission levels for any or all of the remaining features:

• To set the permission level of an individual feature, repeat steps 4 to 8.

• To set all of the other features for this application to the same permission level that you just set, select the This application option in the All Features area and click Set To Same.

The Permission Level setting, the Disallowed state setting (if applicable), and the Comment setting are copied to all of the other features for the currently selected application.

• To set all other features for all applications to the permission level that you just set, select the All applications option and click Set To Same.

The software copies the Permission Level setting, the Disallowed state setting (if applicable), and the Comment setting to all other features for all applications.

10. To set the permission levels for other user groups in the Secure Groups box, repeat steps 1 to 9.

Note When you choose a feature in the software application with a permission level of Signature List, a series of password dialog boxes appear, one for each signature (the name and password of every member of the designated group).

The order of the groups shown in the Available groups box defines the order of appearance for the password dialog boxes.

IMPORTANT Permission level settings are retained when you move a user group out of the Secure Groups box and into the Available Groups box. When you move the group back into the Secure Groups box, the permission settings remain intact.

When you delete a user group from the Secure Groups box, however, all permission settings are lost.


Setting All Permissions

You can set every feature to the same permission level in either of two ways:

• After you set the permission level for one feature, click Set To Same (as described in step 9 of the preceding section).

• Right-click the user group name in the Secure Groups box, and choose Globally Set To > Permission Level from the shortcut menu.

Inheriting Permissions

To copy a complete set of permission levels from one secure user group to another secure user group

1. Select the user group in the Secure Groups box that is to receive the set of permission levels.

2. Right-click the selected group and choose Inherit From from the shortcut menu.

The Choose Secure Group dialog box opens and displays a list of the secure groups (minus the current one).

3. Select the group containing the permission levels to copy and click OK.

Both user groups now have the same set of permission levels.

Exporting and Importing Permissions

Importing the permission list that contains the user groups and permissions from a workstation saves time when you have more than one workstation in your lab and plan to provide users access to all stations. Instead of setting up identical user groups on each workstation, copy the permission list from a workstation that has the user groups and access permissions that you require.

To export and import the permission list

1. On the workstation where the correct users and permission levels are set, start the Authorization Manager and click Export. The Save As dialog box opens.

2. Save the permission list in the security folder as a file with the .eperm extension. (The default path for this folder is C:\Documents and Settings\All Users\Application Data\Thermo Scientific\INI; the default file name is permissions.eperm.)

3. Copy the file into the security folder on the new workstation.

IMPORTANT To maintain the security of the permission list, export it to a secure location. The security folder (with proper security settings) on the current workstation is an ideal location.



4. On the new workstation, start the Authorization Manager and click Import. The Open dialog box opens.

5. Locate the permission list file (.eperm file) and click Open. The user groups and permission levels appear in the Authorization Manager.

6. Confirm that the user groups and permissions are correct and click OK to save the settings and close the Authorization Manager.

Specifying Predefined Comments

As an option, you can require users to select comments from a predefined list rather than typing in comments when they use features that require comment entry. To do this, select the Predefined Comments check box in the Global Security Features area. When predefined comments are active, a dialog box opens whenever a user performs an action that requires a comment. The user must select a comment from a list before proceeding.

To define comments

1. Confirm that the Predefined Comments check box is selected.

2. Click Edit. The Edit Comment List dialog box opens.

3. Click Add New Comment. The New Comment dialog box opens.

4. Type comment text and click OK.

5. Repeat steps 3 and 4 to add each predefined comment.

6. Make any additional changes to the comment list:

• To delete a comment from the list, select the comment and click Remove Comment.

• To move a comment up or down in the list, select it and click Move Up or Move Down.

7. Click OK to save your changes and close the dialog box.


3 Defining Secure User Groups and Adding UsersViewing the Authorization Manager History Log

Viewing the Authorization Manager History LogThe Authorization Manager automatically maintains a history log to record all changes made to the security settings. The log records the following events:

• The creation of a private group

• The addition or deletion of members from a group

• A change in group permissions

• A switch between private and domain/workstation groups

• The manipulation of the signature list

To display the history log for the Authorization Manager, click History Log.

Each entry in the history log contains the time and date, the user ID and full name, and a description of the event. Sort and filter the entries in the history log by field (for example, sort and filter by date and time) or print the log.

Printing the Security SettingsTo print a report of the security settings for each secure user group, click Print. The report contains a list of the members of the group, the controlled feature information for each application, and the names of any secure folders for each application.

Saving the Security SettingsAfter defining your user groups, setting the appropriate permission levels, and specifying the type of application auditing, click OK to save your settings and exit the Authorization Manager.

The controlled feature information is saved in a configuration file. (The default path for this file is C:\Documents and Settings\All Users\Application Data\Thermo Scientific\INI.) Prohibit non-administrator access to this folder by properly setting the security for this folder. If you have not already done this, see “Establishing Secure File Operations” on page 5.


4

Using the Thermo Foundation CRC Validator

The Thermo Foundation CRC Validator compares the cyclic redundancy check (CRC) value stored in the database for a file with the CRC value computed from the file stored on the hard disk. If the stored CRC value and the computed CRC value do not match, the file might have been corrupted or altered from the time when a Foundation application saved it. This chapter describes how to use the Thermo Foundation CRC Validator to check your files.

Contents

• Checking Files with the Thermo Foundation CRC Validator

• Selecting Files Using Database Filters

• Selecting Files Using a Pattern

Note Close any open Foundation applications before running the Thermo Foundation CRC Validator.


4 Using the Thermo Foundation CRC ValidatorChecking Files with the Thermo Foundation CRC Validator

Checking Files with the Thermo Foundation CRC Validator To use theThermo Foundation CRC Validator

1. From the Windows taskbar, choose Start > All Programs > Thermo Foundation 1.1 > CRC Validation. The Thermo Foundation CRC Validator dialog box opens (see Figure 29).

Figure 29. Thermo Foundation CRC Validator dialog box

2. Select a method for selecting files for validation in the File Selection area:

• To select files that match a database filter, see “Selecting Files Using Database Filters” on page 41.

• To select files that match a pattern, see “Selecting Files Using a Pattern” on page 43.

3. Click Check to check the selected files.

4. Examine the results displayed in the Check Results area. The Status column in the file list indicates the status of each file as described in Table 2.

5. Click Exit to close the CRC Validator dialog box.


4 Using the Thermo Foundation CRC ValidatorSelecting Files Using Database Filters

Selecting Files Using Database FiltersWhen you select files using database filters, select files for validation based on information about those files that is stored in the auditing database. For example, select files created by a particular Foundation application or select files created or modified at certain times.

Create two types of filters: non-date filters and date filters. Non-date filters are based on fields from the auditing database. Use them to select files based on characteristics, such as the application used to create the file or the name of the user who created the file. Use date filters to select files based on the date when they were created or last modified.

Combine multiple non-date filters using the AND and OR operators. The default filter is the most recently selected dataset name.

Table 2. Status values for CRC Validation

Status Description

CRCs Match The CRC stored in the database matches the CRC just calculated for the file.

CRCs Do Not Match The CRC stored in the database does not match the CRC just calculated for the file. Most likely, the file has been modified since the tracking record was created.

File Not In Database The file was found on the hard disk, but not in the database. It might not be a tracked file.

File Not On Disk The file was found in the database, but not on the hard disk. The file might have been archived or deleted.


4 Using the Thermo Foundation CRC ValidatorSelecting Files Using Database Filters

To select files using a database filter

1. Click the Files Matching Database Filter option in the File Selection area.

2. Click Edit filter. The Filter Entries dialog box opens (see Figure 30).

Figure 30. Filter Entries dialog box

3. To add a non-date filter, do the following:

a. Select AND or OR from the first list in the Add Non-Date Filter area.

b. Select the database key to filter on from the second list.

c. Type the value for the database key in the equals box. For example, if you selected Application Name in the second list, you might enter Home Page or Qual Browser in the equals box.

d. Click Add to add this filter to the list of current filters.

e. Repeat steps a through d to add other non-date filters.

4. To add a date filter, enter the starting date and time for your filter in the Add Date Filter area in the From boxes and enter the ending date and time for your filter in the To boxes. Click Add to add this filter to the list of current filters.

5. To remove unwanted filters from the filter list, click the filter name in the list and click Remove Filter.

6. When you have made all needed changes, click OK to save your changes and close the dialog box.


4 Using the Thermo Foundation CRC ValidatorSelecting Files Using a Pattern

Selecting Files Using a PatternWhen selecting files that use a pattern, specify the folder containing the files and the format type of the files (for example, a .raw file).

To select files using a pattern

1. Select the Files Matching Pattern option in the File Selection area.

2. In the File Path list, select the path to the folder containing the files to check or click Browse to find the folder.

3. Select the file extension of the files to check in the File Name list.

4. Select the Include Subfolders check box to have the CRC Validator check files in subfolders of the selected folder.

5. Click OK to save your changes and close the dialog box.


5

Auditing

Using the Thermo Foundation Audit Viewer utility, you can perform these auditing functions:

• Display all auditable events and changes made to files created or managed by various Thermo Scientific layered applications.

• View a history of what has been done during data acquisition and data processing to produce results.

• Get information about all events that have occurred within the application.

Accessing the Auditing and Workbook DatabasesA Thermo Scientific application writes to the Global Auditing database and maintains the application’s workbook databases. The Global Auditing database stores the application start and stop events. All other application events are stored in the workbook databases for the application.

Contents

• Accessing the Auditing and Workbook Databases

• Viewing Audit Viewer Pages

• Filtering Audit Viewer Entries

• Sorting Audit Viewer Entries

• Printing Audit Viewer Entries

IMPORTANT You must configure the database in the Thermo Foundation Auditing Database Configuration Manager before you can access the Global Auditing database. See Using the Thermo Foundation Auditing Database Configuration Manager.


5 AuditingAccessing the Auditing and Workbook Databases

Accessing the Global Auditing Database

The Global Auditing database is a log of auditable events for all the application-related data files and applications that it recognizes. You can access the Global Auditing database when you start Audit Viewer from the Windows desktop.

To start Audit Viewer from your Windows taskbar

Choose Start > All Programs > Thermo Foundation 1.1 > Audit Viewer. The Audit Viewer window opens.

Figure 31. An audit view window displaying entries for the Global Auditing database

Accessing the Application Workbook Database

The workbook database for an application is a a log of auditable events associated with the current workbook, including the entries that have not been saved to the database. Each workbook database also includes a log about the raw files that are acquired as part of the workbook.

Each workbook for an application has its own database. When you start Audit Viewer from an application workbook, the audit view window displays the saved and unsaved entries for the current workbook. The unsaved entries are highlighted in yellow in the audit view window.

Note The Audit Viewer entries can also include unsaved changes from another workbook, if the changes are still in memory.


5 AuditingAccessing the Auditing and Workbook Databases

To access the auditing database for a workbook

1. Open the LCquan workbook.

2. In the LCquan Workbook window, choose File > Audit Trail. The audit view window opens and displays the entries for the open workbook (Figure 32). Yellow highlights indicate any unsaved entries.

To access the auditing database for a different workbook, repeat step 1 and step 2. A second instance of Audit Viewer starts and displays the entries for that workbook.

Figure 32. An audit view window for an LCquan Workbook

Note The following procedure uses the LCquan application as an example.


5 AuditingViewing Audit Viewer Pages

Viewing Audit Viewer PagesThe Audit Viewer window contains the following pages, each of which has a different function.

Page Description

All Provides a summary of all entries for the current database.

To display the Audit Viewer page associated with an entry on the All page, double-click the entry on the All page.

History Provides a chronological listing of all the changes made to method files and result lists.

Event Lists all user-initiated auditable software events. All events that are subject to authorization control are auditable.

File Tracking Provides the following types of information:

• Global Auditing database: Lists the changes that are made by any program to the application-created files.

• Application workbook database: Lists the changes made within the application to any application-owned files in the workbook, including the workbook file (.lqn), processing method (.pmd), instrument method (.meth), sequence (.sld), and any imported sample data files (.raw). The File Tracking page does not include the data files (.raw) acquired from within the application workbook that are tracked in the Global Auditing database.

• If any of the workbook files are modified outside of the application, the Foundation application displays a file-tracking error message.

Instrument Error Lists significant events that occur to instruments that the application creates or manages.

Note Entries are not saved to the database until you save the workbook. Unsaved entries are highlighted in yellow in the Audit Viewer.


5 AuditingFiltering Audit Viewer Entries

Filtering Audit Viewer Entries By applying a filter, you can display a subset of the entries in the audit view window. You can set up two types of filters: filters based on dates and filters not based on dates (non-date filters). You can use a combination of the two types of filters.

To set up a non-date filter

1. In the audit view window, click Filter. The Filter Entries Dialog Box opens.

Figure 33. Filter Entries dialog box

2. In the Add Non-Date Filter area, select AND or OR from the first list.

3. In the list to the right, select a column to filter on.

4. In the equals box, type the text string that you want the filter to match and click Add. The filter statement appears in the box.

5. Repeat steps 2 to 4 to add additional filters.

6. When you have defined all your filters, click OK. The audit view window displays the results.

Note The non-date filter accepts partial matches. For example, if you have a user name of john.doe, then a filter string of john or doe matches entries for that user name.


5 AuditingSorting Audit Viewer Entries

To set up a date filter

1. Under Add Date Filter, enter the beginning date and time in the From box.

2. Enter the ending date and time in the To box.

3. Click Add and click OK to apply the filter. The audit view window displays the results.

To remove a filter

1. In the Filter Entries dialog box, select the filter statement you want to remove.

2. Click Remove Filter.

3. Click OK. The audit view window displays the results.

Sorting Audit Viewer EntriesYou can sort the entries by column headings on each of the audit view pages.

To sort the entries on an audit view page

1. In the audit view window, click the tab of the page you want to view.

2. Click Sort. The Sort Entries dialog box opens.

Figure 34. Sort Entries dialog box using all three sort fields

3. In the 1st Sort Field list, select the column heading and select the Ascending or Descending option.

Repeat this step for the 2nd Sort Field and 3rd Sort Field.

4. Click OK. The audit view page displays the entries in the specified sorting order.


5 AuditingPrinting Audit Viewer Entries

Printing Audit Viewer EntriesThe printing options vary depending on whether you are printing the audit trail for the Global Auditing Database or a workbook database.

• Printing the Audit Trail for the Global Auditing Database

• Printing the Audit Trail for an Application Workbook Database

Printing the Audit Trail for the Global Auditing Database

To print the audit trail for the Global Auditing database

1. From the Windows desktop, choose Start > All Programs > Thermo Foundation 1.1 > Audit Viewer.

2. In the audit view window, click the tab of the page you want to print.

3. Click Print.

4. In the Print Options dialog box, select printing options, and then click OK.

Printing the Audit Trail for an Application Workbook Database

You can print the entries from an application workbook database only when you save all displayed records on the audit view page.

To print the audit trail for an application workbook database

1. In the application Workbook window, choose File > Audit Trail.

If the workbook already contains saved entries, go to step 3.

If the workbook contains any unsaved entries, the Foundation application displays a View Audit Trail message prompting you to save the workbook before continuing.

2. In the View Audit Trail dialog box, do one of the following:

• Click Yes to save the workbook entries. The Foundation application logs the automatic save in the audit trail and starts Audit Viewer.

• Click No to start Audit Viewer without saving the workbook.

3. In the audit view window, click the tab of the page that you want to print.

Note If you select the Don't tell me about this again check box, the Foundation application automatically applies the last requested behavior (Save or Not Save) each time you start Audit Viewer when the application workbook contains unsaved entries. To restore the message, choose Options > Enable Warnings.


5 AuditingPrinting Audit Viewer Entries

4. Make sure the displayed page contains only saved entries. Yellow highlights appear on the rows of any unsaved entries.

If you have a mix of saved and unsaved entries, you can do one of the following:

• In the application workbook window, choose File > Save to save the application workbook. In the audit view window, click Refresh.

• In the audit view window, click Filter, and then add filter rules so that only the saved records appear on the page you want to print. See “Filtering Audit Viewer Entries” on page 49 for details.

5. Click Print.

6. In the Print Options dialog box, select printing options, and then click OK.


A

Installing an Oracle Database

This appendix describes the procedure used by Thermo Fisher Scientific to install the Oracle Server and Client software. Consult your Oracle database administrator for advice and instructions on how to install this software for your application.

The installation information in this chapter supplements the documentation that Oracle provides and does not replace it. Refer to your Oracle manuals for installation and configuration details.

Note The procedures contained in this chapter describe how to install the Oracle9i Database. The installation procedures for other versions or releases of the database might differ from those described here.

Contents

• Installing the Oracle Server

• Installing the Oracle Client


A Installing an Oracle DatabaseInstalling the Oracle Server

Installing the Oracle Server To install the Oracle Server

1. Insert the Oracle Database compact disc. The Autorun installation program starts automatically. If the installation program does not start automatically, find and double-click the setup.exe file.

2. Click Install/Deinstall Products in the installation program. The Welcome page opens (see Figure 35).

Figure 35. Welcome page

IMPORTANT Do not install the Oracle Server if a previous version of the software is already installed. Remove previous versions before installing the new version. If you have data in the other database, back it up and use the Oracle Data Migration Assistant to migrate it to the new database during or after the installation. Refer to your Oracle documentation for more information.



3. To remove a previous version of Oracle software before proceeding with this installation, click Deinstall Products. The Inventory dialog box opens. Select the previous version from the list and click Remove.

4. Click Next on the Welcome page. The File Locations page opens (see Figure 36).

Figure 36. File Locations page

5. In the Name box under Destination, type or select a name for the Oracle Home.

6. In the Path box, type or select the location for the Oracle components. Or click Browse to search for a different location.

IMPORTANT The Source Path box automatically fills with the location of the installation files. Do not change the path.



7. Click Next. The Available Products page opens (see Figure 37).

Figure 37. Available Products page

8. Select the product to install.

9. Click Next. The Installation Types page opens (see Figure 38).

Figure 38. Installation Types page



10. Select the type of installation.

11. Click Next. The Database Configuration page opens (see Figure 39).

Figure 39. Database Configuration page

12. Select an appropriate database.



13. Click Next. The Database Identification page opens (see Figure 40).

Figure 40. Database Identification page

14. Type the global database name for the database and enter the Oracle System Identifier (SID) in the fields provided.



15. Click Next. The Database File Location page opens (see Figure 41).

Figure 41. Database File Location page

16. Enter the directory location for the database files. The directory location must be a mapped drive.



17. Click Next. The Database Character Set page opens (see Figure 42).

Figure 42. Database Character Set page

18. Select the character set to use in your database.

19. Click Next. The Summary page opens (see Figure 43).

Figure 43. Summary page



20. Review the space requirements on the Summary page to confirm that you have enough disk space.

21. Click Install to start the installation.

When the installation is complete, the Configuration Tools page opens and a series of tools starts automatically creating and configuring your database and Oracle Net Services environments.The Configuration Tools page displays the results of running these tools (see Figure 44).

Figure 44. Configuration Tools page

• If the Oracle Database Configuration Assistant tool runs, continue with step 22.

• If the Oracle Database Configuration Assistant tool does not run, go to step 27 on page 62.



22. If the Oracle Database Configuration Assistant tool runs, wait for it to complete. The Oracle Database Configuration Assistant dialog box opens (see Figure 45). Make note of the database information that is listed in this dialog box.

Figure 45. Oracle Database Configuration Assistant dialog box

23. Click Password Management. The Password Management dialog box opens (see Figure 46).

Figure 46. Password Management dialog box

24. Change the default passwords for all user accounts.

25. Lock or unlock the database user accounts as necessary by selecting or clearing the appropriate row in the Lock Account column.

26. Click OK to save the changes and close the dialog box.

27. When all of the tools on the Configuration Tools page have finished running, click Next. The End Of Installation page opens.

28. Click Exit to exit from the Oracle Universal Installer. The database is installed.


A Installing an Oracle DatabaseInstalling the Oracle Client

Installing the Oracle Client To install the Oracle Client software

1. Insert the Oracle Database Client compact disc. The Autorun installation program starts automatically. If it does not, find and double-click the setup.exe file.

2. Click Install/Deinstall Products in the installation program. The Welcome page opens.

3. To remove a previous version of the Oracle client software before proceeding with this installation, click Deinstall Products. The Inventory dialog box opens. Select the previous version from the list, and click Remove.

4. Click Next on the Welcome page. The File Locations page opens (see Figure 47).

Figure 47. File Locations page

5. In the Name box under Destination, type or select a name for the Oracle Home.

6. In the Path box, type or select the location for the Oracle components. Or click Browse to search for a different location.

7. Click Next. The Installation Types page opens (see Figure 48).

IMPORTANT Do not install the Oracle Server if a previous version of the software is already installed. Remove previous versions before installing the new version. Refer to your Oracle documentation for more information.

IMPORTANT The Source Path box automatically fills with the location of the installation files. Do not change the path.



Figure 48. Installation Types page

8. Select the type of installation.

9. Click Next. The Summary page opens (see Figure 49).

Figure 49. Summary page



10. Review the space requirements on the Summary page to confirm that your system has enough disk space.

11. Click Install to start the installation.

When the installation is complete, the Configuration Tools page opens. A series of tools automatically starts creating and configuring your database and Oracle Net Services environments. The Configuration Tools page displays the results of running these tools (see Figure 50).

Figure 50. Configuration Tools page



• If the Oracle Net Configuration Assistant runs (see Figure 51), continue with step 12.

Figure 51. Welcome page

• If the Oracle Net Configuration Assistant does not run, go to step 25 on page 69.

12. Select the No, I will create net service names myself option.

13. Click Next. The Net Service Name Configuration, Database Version page opens (see Figure 52).

Figure 52. Net Service Name Configuration, Database Version page

14. Select the Oracle 8i or later database or service option.



15. Click Next. The Net Service Name Configuration, Service Name page opens (see Figure 53).

Figure 53. Net Service Name Configuration, Service Name page

16. Enter the global database name in the Service name field.

17. Click Next. The Net Service Name Configuration, Select Protocols page opens (see Figure 54).

Figure 54. Net Service Name Configuration, Select Protocols page

18. Select the protocol used for the database, and click Next. The next page that opens depends on what protocol you selected.



For example, if you selected the TCP protocol, the Net Service Name Configuration, TCP/IP Protocol page opens (see Figure 55).

Based on your choice of protocol, the software requests protocol parameter information.

19. Complete the specification for the selected protocol and click Next.

For example, on the Net Service Name Configuration, TCP/IP Protocol page, type the host name for the computer where the database is located and select the Use the standard port number of 1521 option (see Figure 55).

Figure 55. Net Service Name Configuration, TCP/IP Protocol page

20. Click Next. The Net Service Name Configuration test page opens.

21. On the Net Service Name Configuration, Test page, select the Yes, perform a test option and click Next. The Net Service Name Configuration, Connecting page opens and the Oracle Net Configuration Assistant performs a connection test.

• If the test is successful, click Next. The Net Service Name Configuration, Net Service Name page opens (see Figure 56).

• If the test fails, click Back to review the information that you entered. Make any necessary changes and try the test again.



Figure 56. Net Service Name Configuration, Net Service Name page

22. On the Net Service Name Configuration, Net Service Name page, accept the default net service name or type another net service name that is unique to the client.

23. Click Next. The Net Service Name Configuration, Another Net Service Name? page opens.

24. On the ...Another Net Service Name? page, specify whether or not to configure another net service name for this client.

• When you select Yes and click Next, the Oracle Net Configuration Assistant leads you through the process of configuring another net service name.

• When you select No and click Next, the Net Service Name Configuration Done page opens. Click Next again and click Finish to complete the Oracle Net Configuration Assistant and return to the Configuration Tools page (Figure 50).

25. On the Configuration Tools page, click Next. The installation is complete.


B

System Administration Reference

This appendix provides reference information to configure and manage the Thermo Foundation system.

Thermo Foundation Administrator Utilities

Thermo Foundation Administrator UtilitiesThe Thermo Foundation Administrator Utilities include tools that help to set up and maintain the security features and functions of a Foundation application. These include detailed audit logs, setting up authorization measures before specific actions are allowed, and file tracking.

Explore these Foundation Administrator Utilities and dialog boxes:

• Instrument Configuration Dialog Box

• Out of Date Instrument Drivers Detected Dialog Box

• Thermo File Converter Dialog Box

• Library Manager Dialog Box

• Thermo Foundation Audit Viewer

• Thermo Foundation Auditing Database Configuration Manager

• Thermo Foundation Authorization Manager

• Thermo Foundation CRC Validator

In addition, the Authorization Manager contains the following dialog boxes:

• Sort Entries Dialog Box

• Create Private Group and Edit User List Of Private Group Dialog Boxes

• Comment List Dialog Box

• Users In Group Dialog Box


B System Administration ReferenceThermo Foundation Administrator Utilities

Instrument Configuration Dialog Box

Use the Instrument Configuration dialog box to review all available devices and configure the devices that you want to install using the following controls.

Table 3. Instrument Configuration dialog box parameters (Sheet 1 of 2)

Parameter Description

Device Types

View or change the category of device types currently displayed in the Available Devices area. The default option is All. The other options allow you to select a subset of all of the devices as follows:

All: Displays all configurable Xcalibur devices.

AS: Displays all configurable Xcalibur autosampler devices.

Detector: Displays all configurable detector devices.

GC: Displays all configurable Xcalibur gas chromatograph devices.

LC: Displays all configurable Xcalibur liquid chromatograph devices.

MS: Displays all configurable Xcalibur mass spectrometer devices.

Other: Displays all other Xcalibur configurable devices.

Available Devices

This area displays buttons for all available devices of the type selected in the Device Types list. For example if All is displayed in the Device Types list, this area displays all Xcalibur configurable devices.

Available Device View available instruments. Each button displayed in the Available Devices area represents an instrument that can be configured as an Xcalibur device. The buttons that are displayed depend upon the selection in the Device Types list. To select an Xcalibur device for configuration, click the button corresponding to the device to be configured and click Add.

Add Add the device you have selected in the Available Devices area to the Configured Devices area.

A device must be present in the Configured Devices area to begin the process of configuring the device.

Configured Devices

View all of the devices that have been added from the devices listed in the Available Devices group box.

A device must be present in the Configured Devices area to begin the process of configuring the device.



Out of Date Instrument Drivers Detected Dialog Box

This dialog box opens only when you select Start > Programs > Thermo Foundation 1.1 > Instrument Configuration. The Instrument Configuration view opens. If your Xcalibur software is out of date, Xcalibur displays the following message:

The device drivers for the following instruments are not compatible with the installed version of Xcalibur. You must install the current drivers before you can use these instruments.

If this message appears, install the latest software for the instruments listed. This software is located on an Xcalibur CD-ROM. Run the appropriate setup file to load the new software. Run Setup.exe from the appropriate instrument directory on the CD-ROM.

Remove Remove the device you have selected from the Configured Devices area.

Each button displayed in the Configured Devices area represents an instrument that has been selected for configuration as an Xcalibur device but might or might not have been configured. To configure a device listed in the Configured Devices area, click the button of the device to be configured, and then click Configure to open the appropriate configuration dialog box.

Configure Open the appropriate configuration dialog box for the device you have selected in the Configured Devices area. For example, to configure an LCQ MS detector, click LCQ in the Configured Devices area, and then click Configure. The LCQ Configuration dialog box opens.

Other Controls

Done Close the Instrument Configuration dialog box after you have configured Xcalibur devices.

Table 3. Instrument Configuration dialog box parameters (Sheet 2 of 2)


Note The Xcalibur data system and inlets are shipped on a separate CD-ROM from the Xcalibur software used for the MS detectors and mass spectrometers. When a new version of Xcalibur is released, usually you must update the software for both the Data system and inlets software as well as the MS detectors and mass spectrometers for all configured instruments.



Thermo File Converter Dialog Box

Use the Thermo File Converter dialog box to convert one data file type to another data file type.

The Xcalibur data system provides file interconversions for the following file types.

Table 4. Out of Date Instrument Drivers Detected dialog box parameters


Instrument View currently installed instruments with out-of-date software. Installed in this context indicates that the Setup.exe files for the listed instruments have been previously run from the appropriate directory of an Xcalibur CD-ROM.

In Use View the status of the instrument displayed in the Instrument list: In Use (Yes) or Not In Use (blank). In Use devices appear in the Configured Devices area of the Instrument Configuration view.

Version View the current version of the instrument that is displayed in the same row of the Instrument list. Make sure the version to be installed is more recent than the current version.

Note

• The Xcalibur data system does not currently support all interconversion combinations and posts a message whenever an unsupported conversion is requested.

• Not all formats have the same data fields. The data system can only convert matching data fields and does not typically convert instrument method information.

• You can also convert files by running XConvert.exe from two locations: the Pre Acquisition or Post Acquisition run line of the Run Sequence dialog box located in the Sequence Setup view of the Home Page window, or from the Program or Macro Name run line of the Run Sequence dialog box located in the Programs view of the Processing Setup window.

Table 5. File interconversions for data file types

File type File extension

Xcalibur *.raw

ICIS *.dat

GCQ *.ms

Magnum *.ms

ANDI *.cdf

AutoMass *.spa



To convert a file

1. Select the source and destination directories, and the conversion type in the Thermo File Converter Dialog Box.

2. Click Convert. The data system automatically performs the file conversion and creates a new file. The Status page displays the conversion status of each job.

MassLab2 *.raw

LaserMAT *.*

Table 5. File interconversions for data file types

File type File extension

Table 6. Thermo File Converter dialog box parameters (Sheet 1 of 3)


Conversion Source

Source Data Type View the data type of the file that you want to convert into another data type. All of the files in the Folder list in the Conversion Source area are displayed in the Conversion Source table. You can select the following data types from the Source Data Type list for conversion into another data type:

• Xcalibur Files (*.raw)• ICIS Files (*.dat)• GCQ Files (*.ms)• Magnum Files (*.ms)• ANDI Files (*.cdf )• Automass Files (*.spa)• Mass Lab 2 Files (*.raw)• Lasermat Files (*.*)

The source data type is selected from the Destination Data Type list.

Folder View or change the path to the source file that you want to convert to another data type. The list contains all the paths that you have recently selected. Click Browse in the Conversion Source area to select another path to source files.

Conversion Source table

View the file name, type, size, and date of the files located in the directory specified in the Folder list and of the type specified in the Source Data Type list.

Browse Select the folder that contains the files that you want to convert to another data type and click OK. The data system displays the path to the folder in the Folder list and the previous path remains in the folder list.

If the selected folder has no file of the type specified in the Source Data Type list, no entries appear in the Conversion Source table.

Select All Select all of the files that appear in the Conversion Source table. The data system highlights all of the files.



Clear Selection Clear the currently selected files.

This button is only active when you select one or more files in the Conversion Source table.

Add Job(s) Add the specified conversion job to the Jobs page of the Conversion Destination area. Each file conversion is considered a separate job.

The following is an example of a job displayed on the Jobs page for the conversion of an Xcalibur file of type .raw to an ANDI file of type .cdf:

C:\Xcalibur\examples\data\drugx_06.raw

C:\Xcalibur\examples\data\drugx_06.cdf

The Add Job(s) button is only active when one or more files have been selected on the Jobs page. You can only add a job if you have selected a valid data type in the Destination Data Type list and have selected a valid destination from the Folder list in the Conversion Destination area.

Conversion Destination

Destination Data Type View the data type that you want the source data files converted to. The following data types can be selected from the Destination Data Type list:

• ICIS Files (*.dat)• ANDI Files (*.cdf )• Text Files (*.txt)

The software selects the data type that a source data type file can be converted from in the Source Data Type list.

Folder View the path to the destination folder to hold your converted file. The list contains all the paths that you have recently selected. To select another folder to store your converted files, click Browse in the Conversion Destination area.

Browse Select the folder to hold your converted files and click OK. The data system displays the path to the folder and the previous path remains in the Folder list.

Jobs page This page in the Conversion Destination area displays the jobs that have been selected for conversion. The job display format is as follows:

C:\Xcalibur\examples\data\drugx_06.raw

C:\Xcalibur\examples\data\drugx_06.cdf

To remove a job prior to running the conversion, select the job and click Remove Job(s).

Remove Job(s) Removes jobs that are selected for removal from the Jobs page. You must remove a job prior to converting it.





Library Manager Dialog Box

Use the Library Manager dialog box to manage NIST libraries used with the NIST search software and to convert libraries between the ICIS/GCQ/ITS 40, MassLab, NIST, and ANDI-MS formats.

Xcalibur Library Manager supports the following conversions:

Status page This page in the Conversion Destination area displays the status of jobs that have been converted. The format is as follows:

Successfully converted C:\Xcalibur\examples\data\drugx_06.raw to C:\Xcalibur\examples\data\drugx_06.cdf

This page also displays the status of unsuccessful conversions.

Other Buttons

Convert Starts conversion of all jobs displayed on the Jobs page in the Conversion Destination area. The data system stores the converted files in the displayed folder. The status of all converted files appears on the Status page. This page in the Conversion Destination area displays the status of jobs that have been converted. The format is as follows:

Successfully converted C:\Xcalibur\examples\data\drugx_06.raw to C:\Xcalibur\examples\data\drugx_06.cdf

This page also displays the status of unsuccessful conversions.



ICIS/GCQ/ITS 40 MassLab ANDI-MS NIST

ICIS/GCQ/ITS 40

MassLab

ANDI-MS

NIST

Note The Xcalibur data system does not directly support INCOS, LAB-BASE, or JCAMP library conversions. However, MassLab data system users have a conversion program to convert from a LAB-BASE user library to a MassLab user library. In addition, a conversion tool exists in ICIS (a UNIX system) that can convert a LAB-BASE user library to a MassLab user library.

ToFrom



The Library Manager dialog box has the following pages:

• Convert Libraries Page

• Manage Libraries Page

Convert Libraries Page

Use the Convert Libraries page to convert one type of source library to another type of library at a target location and to copy a library to another location.

Note Library conversion times range from minutes to hours, depending on the number of files and the size of the files.

Table 7. Convert Libraries page parameters (Sheet 1 of 2)


Source Library Details

Type [Source] Choose the source library file type that you want to convert to another file type.

Select any of the following file types: ICIS/GCQ/ITS 40 (*.lib, .lbr), MassLab (*.idb), ANDI-MS (*.cdf ), NIST, or AutoMass (*.spr, *.prs, *.nam, *.hdr).

Library/Browse [Source] Choose the source library that you want to convert. To change the library, click Browse and select the path to the source library on your computer or network.

Process Entries [Source] Specify the number range of the library entries that you want to convert from the source library. If you leave the box empty, the Xcalibur data system converts all entries. The format is First Entry-Last Entry. For example, to convert library entry #100 through library entry #200, type 100-200 in the Process Entries box.

Target library details

Type [Target] View the target library file type when converting the source library.

If you select source library file type ICIS/GCQ/ITS 40, MassLab, ANDI-MS, or NIST, you can select from the following target library file types: ICIS/GCQ/ITS 40 (*.lib, .lbr), MassLab (*.idb), NIST, or ANDI-MS (*.cdf ).

If you select source library file type AutoMass, you can only select the NIST target library file type.

If you select the library type NIST, the Xcalibur data system displays the path to the NIST library folder in the Library box. You specified this location when you installed NIST.

Library/Browse [Target] View the file folder to store the converted library file. To change the folder, click Browse and select the target folder on your computer or network.




Title [Target] Type in a title for the ICIS/GCQ/ITS 40 library or for the Mass Lab library that you create during the conversion. You can add a title to the new library using any format.

Note This box in the Target library details area only becomes active when you select an ICIS/GCQ/ITS 40 or MassLab library.

Add the library to the NIST software for use with xcalibur

Add the converted library to the NIST software for use with the Xcalibur application.

Options

Target library action: Create/Replace

Create a new library in the target directory or to replace an existing library. You can also append (add) the new (converted) entries to a previously created target library.

Target library action: Append Append (adds) the new (converted) entries to a previously created target library. You can also create a new library in the target directory or to replace an existing library.

Include replicate entries from the NIST library in the target library

Include replicate entries in the target library. Otherwise, leave the box unchecked.

Note This check box is only active if you are converting from a NIST library to another format.

Replicate library/browse Specify the location of a replicate library. To change the replicate library, click Browse and select the folder for the replicate library on your computer or network. If you specify a replicate library, the Xcalibur data system adds replicate entries into the appropriate replicate library.

If you select the library type NIST, the Xcalibur data system displays the path to the NIST replicate library folder in the Library box. You specify this location when you install NIST software.

Button

Convert Start the library conversion you have specified using the Convert Libraries page. The Xcalibur application opens the Library Conversion Status dialog box and displays the Conversion Status progress bar and the Conversion Status box. The Status bar displays messages such as the following:

Processed 100% of the entries, continuing on

The Conversion Status box displays sequential chronological (top to bottom) messages such as the following:

• Started the conversion on SEP 3, 1999 at 10:01, please wait

• Finished the conversion on SEP 3, 1999 at 10:02

• Converted 570 entries

Table 7. Convert Libraries page parameters (Sheet 2 of 2)



Manage Libraries Page

Use the Manage Libraries page to add a library to the NIST libraries list or to delete a library from the NIST libraries list. You can also copy a library to another location.

Table 8. Manage Libraries page parameters (Sheet 1 of 2)


NIST Libraries

NIST Libraries list View all of the NIST libraries currently available on your computer or network. You can add libraries to this list, delete libraries from this list, and copy libraries on the list to another location.

Buttons

Add Add a library to the NIST Libraries list. The Add Library dialog box opens.

The Add Library dialog box has the following parameters:

• Parameter

• Description

• Source

Use this button to specify the location of the library that you want to add.

– Copy the library to the local computer: Select this option to copy the selected library to your computer.

– Link to the library from either a remote location or computer: Select this option to access the library remotely.

Note Because libraries can be large, you might save time by using the Link option rather than the Copy option.

Click OK when you have selected the library you want to add and selected Action options.

Delete Delete the library that you have previously selected in the NIST Libraries list. Select the library that you want to delete from the NIST Libraries list. Click Delete. The Delete Library message box opens with the following message:

Are you sure you want to delete the selected NIST library?

Click Yes. The Xcalibur data system removes the library from the list.



Thermo Foundation Audit Viewer

The Thermo Foundation Audit Viewer displays all auditable events and changes made to files created or managed by an application on the Foundation platform.

The Audit Viewer has the following pages:

• All Page, Audit Viewer

• History Page, Audit Viewer

• Event Page, Audit Viewer

• File Tracking Page, Audit Viewer

• Instrument Error Page, Audit Viewer

When you double-click a log item on the All page, the Audit Viewer displays the page associated with the log item and highlights the item on that page. The History page provides a chronological listing of all of the changes made to method files, result lists, or both. The Event page lists auditable software application events that the user initiated. The File Tracking page lists all changes made to data files.

The Audit Viewer has slightly different capabilities when run as a stand-alone application than when run from within a Thermo Scientific layered application.

• When you run the Audit Viewer as a stand-alone application (by choosing Start > All Programs > Thermo Foundation 1.1 > Audit Viewer), the Audit Viewer displays all items in the database (excluding any uncommitted items or unsaved changes), and you can print the data.

• When you open the Audit Viewer from within most applications (by choosing File > Audit Trail), the Audit Viewer displays only the items associated with the current application, including uncommitted items. However, you cannot print the data.

Archive Copy a selected library to another directory on your computer or network. Select the library that you want to copy to another directory. Click Archive. The Archive Library dialog box opens.

The Archive Library dialog box has the following parameters:

• Parameter

• Description

• Destination: Specify the location for the selected library.

Use Browse to select a destination for the selected file. Click OK. The data system makes a copy of the selected NIST library and stores it in the selected directory.

Table 8. Manage Libraries page parameters (Sheet 2 of 2)




• When you open Audit Viewer from within the LCquan application (by choosing File > Audit Trail), the audit view window displays both committed and uncommitted items and you can print the committed items.

In addition, the Audit Viewer contains the following dialog boxes:


• Print Options Dialog Box

• Filter Entries Dialog Box

All Page, Audit Viewer

The All page of the Audit Viewer displays all auditable events and changes made to files created by or managed by a Foundation application. When you double-click a log item on the All page, the Audit Viewer displays the page associated with the log item and highlights the item on that page.

The Audit Viewer has slightly different capabilities when run as a stand-alone application than when run from within a Thermo Scientific layered application. When you run the Audit Viewer as a stand-alone application (by choosing Start > All Programs > Thermo Foundation 1.1 > Audit Viewer), Audit Viewer displays all items in the database (excluding any uncommitted items or unsaved changes), and you can print the data. When you open the Audit Viewer from within an application (by choosing File > Audit Trail), the audit view window displays only the items associated with the current application, including uncommitted items. However, you cannot print the data.

Table 9. All page parameters (Sheet 1 of 2)


Date/Time View when the log entry occurred.

Dataset Name View the dataset that contains the affected files.

Computer Name View the name of the workstation where the item change originated.

User Name View the logon name of the user who changed the item. The administrator of the network assigns logon names for each user.

Full Name View the descriptive name of the user who changed the item. Often, this is the first and last name of the user. The administrator of the network assigns a full name to the logon name for each user.

Application Name View the name of the software application that is associated with the log entry.

Table Name View the type of record: History, Event, or File Tracking. The log entry is found on this page of the Audit Viewer.

Buttons

Sort Specify how you want to sort the entries in the Audit Viewer.

Filter Specify how you want to filter the entries in the Audit Viewer.



History Page, Audit Viewer

The History page of the Audit Viewer provides a chronological listing of all of the parameter changes made to method files or result lists.

The Audit Viewer has slightly different capabilities when run as a stand-alone application than when run from within a Thermo Scientific layered application. When you run the Audit Viewer as a stand-alone application (by choosing Start > All Programs > Thermo Foundation 1.1 > Audit Viewer), Audit Viewer displays all items in the database (excluding any uncommitted items or unsaved changes), and you can print the data. When you open the Audit Viewer from within an application (by choosing File > Audit Trail), the audit view window displays only the items associated with the current application, including uncommitted items. However, you cannot print the data.

Auto Width Expand the table columns to display the longest entry in that column.

Print Print an active file or document.

Refresh Update the log.

Table 9. All page parameters (Sheet 2 of 2)


Table 10. History page parameters (Sheet 1 of 2)




Computer Name View the name of the workstation where the item change originated.

User Name View the logon name of the user who changed the item that is listed in the Item Changed field. The administrator of the network assigns logon names for each user.

Full Name View the full name of the user who changed the item that is listed in the Item Changed field. Often, this is the first and last name of the user. The administrator of the network assigns a full name to the logon name for each user.

Application Name View the name of the software application that is associated with the log entry.

Filename View the name of the affected file. The file name is not case-sensitive.

Path View the route through the file system to the affected file.

Old Row View the pre-change row number of the item if the change resulted in a change of row number.

New Row View the post-change row number of the item if the change resulted in a change of row number.

Change Type View the type of operation (edit, delete, and so on) that changed the item.

Item Changed View the setting that was changed.


http://searchwin2000.techtarget.com/sDefinition/0,,sid1_gci212118,00.html


Event Page, Audit Viewer

The Event page of the Audit Viewer lists auditable application events that were initiated by the user. Events can include starting a Thermo Scientific application, printing a file from within a Thermo Scientific layered application, and importing a file from within an application.

The Audit Viewer has slightly different capabilities when run as a stand-alone application than when run from within an application. When you run the Audit Viewer as a stand-alone application (by choosing Start > All Programs > Thermo Foundation 1.1 > Audit Viewer), Audit Viewer displays all items in the database (excluding any uncommitted items or unsaved changes), and you can print the data. When you open the Audit Viewer from within an application (by choosing File > Audit Trail), the audit view window displays only the items associated with the current application, including uncommitted items. However, you cannot print the data.

Old Value View the old value of the item that is listed in the Item Changed field (if applicable).

New Value View the new value of the item that is listed in the Item Changed field.

User Data 1 View custom user data, if supported by the application. The user data is unique for each application.





Buttons






Table 10. History page parameters (Sheet 2 of 2)


Table 11. Event page parameters (Sheet 1 of 2)


Date/Time View when the event occurred.




File Tracking Page, Audit Viewer

The File Tracking page of the Audit Viewer lists significant events that occur to files that a Thermo Scientific layered application creates or manages. File tracking helps to make sure the data on the hard disk is not tampered with.

The Audit Viewer has slightly different capabilities when run as a stand-alone application than when run from within an application. When you run the Audit Viewer as a stand-alone application (by choosing Start > All Programs > Thermo Foundation 1.1 > Audit Viewer), you can view and print all items in the database (excluding any uncommitted items or unsaved changes). When you open the Audit Viewer from within an application (by choosing File > Audit Trail), the audit view window displays only the items associated with the current application, including uncommitted items. However, you cannot print the data.

Computer Name View the name of the workstation initiating the event.

User Name View the logon name of the user who initiated the event. The administrator of the network assigns logon names for each user.

Full Name View the descriptive name of the user who initiated the event. Often, this is the first and last name of the user. The administrator of the network assigns a full name to the logon name for each user.

Application Name View the name of the software application that is associated with the event.

Event View what occurred. Typical events include importing and exporting data files, methods, and sequences.

Response View the action taken by the user (if any) in response to the event.

Comment View the comment associated with the event.

Buttons






Table 11. Event page parameters (Sheet 2 of 2)


Table 12. File Tracking page parameters (Sheet 1 of 2)




Computer Name View the name of the workstation performing the file change.



Instrument Error Page, Audit Viewer The Instrument Error page of the Audit Viewer lists error codes from instruments.

The Audit Viewer has slightly different capabilities when run as a stand-alone application than when run from within a Thermo Scientific layered application. When you run the Audit Viewer as a stand-alone application (by choosing Start > All Programs > Thermo Foundation 1.1 > Audit Viewer), you can view and print all items in the database (excluding any uncommitted items or unsaved changes). When you open the Audit Viewer from within an application (by choosing File > Audit Trail), the audit view window displays only the items associated with the current application, including uncommitted items. However, you cannot print the data.

User Name View the logon name of the user who changed the file. The administrator of the network assigns logon names for each user.

Full Name View the descriptive name of the user who changed the file. Often, this is the first and last name of the user. The administrator of the network assigns a full name to the logon name for each user.

Application Name View the name of the software application that was used to change the file.

File name View the name of the affected file. The file name is not case-sensitive.

Path View the route through the file system to the affected file.

File Status View the operation or action that caused the entry to be made in the log:

File is createdFile was copiedFile was movedFile was deletedFile was modifiedFile was renamedResult of renameOld folder nameNew folder nameResult of file move

Comment View the comment associated with the log entry.

Buttons



Auto Width View the longest entry in that column.



Table 12. File Tracking page parameters (Sheet 2 of 2)




Table 13. Instrument Error page parameters



Computer Name View the name of the workstation performing the change.

User Name View the logon name of the user who made the change that caused the error notification. The administrator of the network assigns logon names for each user.

Full Name View the descriptive name of the user who made the change that caused the error notification. Often, this is the first and last name of the user. The administrator of the network assigns a full name to the logon name for each user.

Application Name View the name of the software application that was used to change the instrument.

Dataset Name View the dataset that contains the affected instrument.

Instrument Error Code View the code that the application produced when it received information about the instrument error.

Instrument ErrorSeverity

View the severity error level for the incident.

Instrument ErrorString View the instrument error string that was produced.

Device VI State View the status of the device at the time the log event occurred.

Time Offset If an acquisition was in progress when the log event occurred, view the acquisition time. If no acquisition was in progress, this field reads zero.

Buttons



Auto Width View the longest entry in that column.





Sort Entries Dialog Box

Use the Sort Entries dialog box to specify how to sort the entries in the Audit Viewer. Each page in the Audit Viewer has a unique set of fields that you can sort.

Print Options Dialog Box

Use the Print Options dialog box to choose document properties for printing the log.

Table 14. Sort Entries dialog box parameters


1st Sort Field Specify the first field in the log that is sorted.

2nd Sort Field Specify the second field in the log that is sorted. You cannot specify a second sort field if the 1st Sort is not already defined.

3rd Sort Field Specify the third field in the log that is sorted. You cannot specify a third sort field if the 2nd Sort is not already defined.

Ascending Sort fields in ascending order.

Descending Sort fields in descending (reverse) order.

Table 15. Print Options dialog box parameters


Printer Options

Orientation: Portrait Print the log vertically.

Orientation: Landscape Print the log horizontally.

Font Size: Small Print the log in 8-point font.

Font Size: Medium Print the log in 10-point font.

Font Size: Large Print the log in 12-point font.



Filter Entries Dialog Box

Use the Filter Entries dialog box to specify how you want to filter the entries in the Audit Viewer or in the CRC Validator. By applying a filter, you can display a subset of the entries in the Audit Viewer or a subset of the entries to be validated in the CRC Validator.

Thermo Foundation Auditing Database Configuration Manager

Use the Auditing Database Configuration Manager to select and configure the auditing database. Follow the instructions in the box in the top of the Auditing Database Configuration Manager. You must reboot your computer to make the changes effective. For more information on setting up your database, see Chapter 1, “Using the Thermo Foundation Auditing Database Configuration Manager.” Not all of the parameters are displayed at every step in the configuration process.

Table 16. Filter Entries dialog box parameters


Add Non-Date Filter

Operator View or change the operator (AND or OR) used in the filter.

Field View or change the field to filter, for example, Application Name.

Equals String View or change the field value to filter, for example, Authorization Manager.

Add Add the new filter to the Filter Entry box.

Add Date Filter

From Date/Time View or change the earliest date and time for the time/date range for the filter.

To Date/Time View or change the latest date and time for the time/date range for the filter.

Add Add the new filter to the Filter Entry box.

Filter Entry box View or change the filters that an application uses to filter the audit records.

You can click the filters to select them. When a filter is selected, the Remove Filter button becomes active.

Button

Remove Filter Delete the selected filter in the Filter Entry box.

Note If you are using Oracle as the database backend, install at least one relational database on an accessible server and install the Oracle client on the system computer before using the Auditing Database Configuration Manager.



Table 17. Auditing Database Configuration Manager parameters (Sheet 1 of 2)


Database Name View the currently configured database.

This line does not appear if this is the first time that you are running the Auditing Database Configuration Manager.

Database Type View the database type. The database must be an Oracle database on a remote server or a Microsoft Access database on a local computer.


Database Is Installed On Host

View where the Oracle database is installed on the host computer. (When using a Microsoft Access database, this line is blank.)


Database Service Name View the Oracle database service name. (When using a Microsoft Access database, this line is blank.)


User Name View the logon name for the Oracle database. (When using a Microsoft Access database, this line is blank.)


Select Database Type

Oracle On Network Server Select to use a remote server to run the Oracle database. You must enter a valid user name and password to access the database.

Microsoft Access Select to use a local database based on Microsoft Access.

User Name View the Oracle database logon name.

(When using a Microsoft Access database, this box is grayed out.)

Password View the Oracle database password.

(When using a Microsoft Access database, this box is grayed out.)

Oracle Net Service Name View the name of the Oracle Net Service that the database administrator set up during the Oracle Client configuration that provides database connection information. All available names appear in the list.

(When using a Microsoft Access database, this list does not appear.)



Thermo Foundation Authorization Manager

In addition to using the security features of your computer operating system, use the Authorization Manager to define user groups and to set permission levels for those groups. Setting permission levels makes sure that only those who are to some degree responsible for electronic records can access the specific applications that generate them. You must be logged on as an administrator to set these permissions. For more information about using the Authorization Manager to define user groups and set permission levels, see Chapter 3, “Defining Secure User Groups and Adding Users.”

Restart Computer Now Restart the computer automatically when you click Finish.

You must reboot your computer to make the changes effective.

I Will Restart Later End the database configuration without restarting the computer when you click Finish.

You must reboot your computer to make the changes effective.

Button

Finish Close the Auditing Database Configuration Manager.

If you selected the Restart Computer Now option, save and close all other applications before clicking this button.

Table 17. Auditing Database Configuration Manager parameters (Sheet 2 of 2)


Table 18. Foundation Authorization Manager parameters (Sheet 1 of 6)


Available Groups

Domain/Workstation Use preexisting Windows logon groups. Contact your network administrator to create or change logon groups.

Private Use or create a private (local) user group. The administrator of the workstation can create private groups.

Available Groups View the available Windows logon groups (Domain/Workstation option) or private (local) groups (Private option).

To move a group into the Secure Groups box, select the group in the Available Groups list and click >>. To move a group out of the Secure Groups box, select the group in the Secure Groups box and click <<, or double-click the group.

Secure Groups

Create Create private groups.

Select the Private (Available Groups) option to enable the Create button.

Delete Select a private group in the Secure Groups box and click Delete to delete the group.



Secure Groups View the Windows logon groups (Domain/Workstation option) or private (local) groups (Private option) whose permission levels you have set.

To move a group into the Secure Groups box, select the group in the Available Groups list and click >>. To move a group out of the Secure Groups box, select the group in the Secure Groups box and click <<, or double-click the group. To delete a secure group, select the group in the Secure Groups box and click Delete. Right-click a group in the Secure Groups box to display a shortcut menu with the following commands:

Members: Opens the Edit User List Of Private Group dialog box (for private groups) or the Users In Group dialog box (for domain groups).

Globally Set To: Sets all software features in all applications to the same permission level: Disallowed, Signature List, Supervisor Password, Password, or Allowed.

Inherit From: Opens the Choose Secure Group dialog box.

Create Group: Opens the Create Private Group dialog box. (Only for private groups)

Global Security Features

Predefined Comments Require the user to select from a list of predefined comments instead of typing in a comment for features that require comments.

When you select this check box, the Edit button becomes active. Click Edit to open the Edit Comment List dialog box and define a list of comments.

Edit For certain features that require comments, define a list of comments that a user must choose from.





Permission Level Pane

Permission Level pane View permission levels for software applications.

To display the Permission Level pane, select a group in the Secure Groups list.

To display the group’s permission levels for an application, select the application in the Permission Level pane and click Expand Tree. To change a permission level, select a permission for a feature in the Permission Level pane to activate the Permission Level area. Select the new permission level in the Permission Level area.

When you log on after restarting a session, wait a few moments before opening the LCquan application so that the system recognizes your permission levels.

Expand/ Collapse Tree View the permissions for an application after you select the application in the Permission Level pane.

Secure Folders

Secure folders View the folders whose root folder can be changed. In the Permission Level pane, if you set the feature to Allow Change of Root Folder and choose a permission level other than Disallowed, you must define a list of secure folders. For more information about creating a list of secure folders, see Chapter 2, “Establishing Secure File Operations.”

Secure folders are used only in the LCquan application. This box is grayed out unless LCquan is selected in the Permission Level pane.





Add Locate the folder that you want to add to the Secure Folders list.

Secure folders are used only in the LCquan application. This button is grayed out unless LCquan is selected in the Permission Level pane.

Delete Select and remove a folder from the Secure Folders list.

Secure folders are used only in the LCquan application. This button is grayed out unless LCquan is selected in the Permission Level pane.

Permission Level

Disallowed To refuse access to the procedure that you selected, set the permission level of the procedure in the Permission Levels pane to Disallowed. By default, all new secure user groups have all features set to Disallowed.

If Disallowed and Allowed are the only options available (all of the other options are grayed out), then these options do not indicate permission levels, but instead indicate configuration settings. Disallowed means that the selection in the Permission Levels pane is not displayed by the application and Allowed means that the selection is displayed.

For example, if you select Xcalibur Configuration | Allow To Access | Dataset List page in the Permission Levels pane, only the Disallowed and Allowed settings are available. If you select Disallowed, the Dataset List page is not displayed in the Xcalibur Configuration dialog box. If you select Allowed, the Dataset List page is displayed in the Xcalibur Configuration dialog box.

Signature List Require that the names and passwords of everyone on the signature list be entered to perform the action that you selected in the Permission Levels pane. When an action with a permission level of Signature List is chosen, a series of password dialog boxes appear, one for each signature (name and password of a member of a designated signature group). The order of the groups shown in the Signature List Groups: Signature Required list defines the order in which the password dialog boxes appear.

Supervisor Password Require that the name and password of the supervisor be entered to perform the action that you selected in the Permission Levels pane. In this context, a supervisor is any person who has permission to do this operation—that is, the person’s permission level for this operation is either Allowed or Password Required.

Password Required Require that the password of the user be entered to perform the action that you selected in the Permission Levels pane.





Allowed No restrictions. Allows the user to perform the action that you selected in the Permission Levels pane without restriction.

If Disallowed and Allowed are the only options available (all of the other options are grayed out), then these options do not indicate permission levels, but instead indicate configuration settings. Disallowed means that the selection in the Permission Levels pane is not displayed by the application and Allowed means that the selection is displayed.

For example, if you select Xcalibur Configuration | Allow To Access | Dataset List page in the Permission Levels pane, only the Disallowed and Allowed settings are available. If you select Disallowed, the Dataset List page is not displayed in the Xcalibur Configuration dialog box. If you select Allowed, the Dataset List page is displayed in the Xcalibur Configuration dialog box.

Disallowed State

Hidden Hide the disallowed action that you selected in the Permission Levels pane.

Grayed Gray out the disallowed action that you selected in the Permission Levels pane.

Signature List Groups

Available Groups View the groups whose signatures you can require.

To move a group into the Signature Required list, select the group in the Available Groups list and click >>. To move a group from the Signature Required list, select the group in the Signature Required list and click << or double-click the group. The only groups that can be in the Signature Required list are those groups that have permission (Allowed or Password Required) to do the operation.

Select Permission Level: Signature List to activate the Available Groups list.

Signature Required Require a signature from a specified group. When an action with a permission level of Signature List is chosen, a series of password dialog boxes appear, one for each signature (name and password of a member of a designated signature group). The order of the groups shown in the Signatures Required list defines the order in which the password dialog boxes appear.

To move a group into the Signature Required list, select the group in the Available Groups list and click >>. To move a group from the Signature Required list, select the group in the Signature Required list and click <<. The only groups that can be in the Signature Required list are those groups that have permission (Allowed or Password Required) to do the operation.

Select Permission Level: Signature List to activate the Signatures Required list.





Use the Authorization Manager to set permissions for the application features. You can set them for individuals or for groups. Certain permission level settings override other settings.

Current User Must Sign Add the current user to the Signatures Required list.

Select Permission Level: Signature List to activate the Current User Must Sign check box.

Move Group Up Move the group that you selected in the Signatures Required list up one spot in the list.

Select Permission Level: Signature List to activate the Move Group Up button.

Move Group Down Move the group that you selected in the Signatures Required list down one spot in the list.

Select Permission Level: Signature List to activate the Move Group Down button.

Other Requirements

Comment Require the user to enter a comment that will appear in the Audit Log when performing an action.

All Features

All Applications Set the software features in all applications to the same permission level that you just set.

This Application Set all of the other software features in the selected application to the same permission level that you just set.

Set To Same Set all the other software features (for all applications or for just this application) to the same permission level that you just set.

Buttons

History Log Open the Audit Viewer. The Audit Viewer is a record of all changes made to the security settings. The following events are logged:

• The creation of a private group

• A change in group permissions

• A switch between private and domain/workstation groups

• Changes to the Signature List

Print Print a report of Authorization Manager settings for each secure group. The reports include listings of group members, secure folders, and applications and their permissions.

Export Save the Authorization Manager settings in a permissions file.

Import Import previously saved Authorization Manager settings. You save Authorization Manager settings in a permissions file.





The following table lists the application features that you can configure in the Authorization Manager.

Table 19. Authorization Manager application features (Sheet 1 of 5)

Features Description

CRC Validator

Run Application If you set this feature to Disallow, then the user cannot open the software application. In this case, the application ignores the permission level settings for other Features.

If a user whose permission is set to Disallow tries to access the system, an entry is made in the Global Auditing Database history log.

Home Page

Run Application If you set this feature to Disallow, then the user cannot open the software application. In this case, the application ignores the permission level settings for other features.


Selecting the Disallow check box hides access to the following features:

Dataset Selection • Dataset Selection Displayed at Startup• Dataset Selection Allowed in Menu• Allow New Dataset

Analysis • Start Analysis• Stop Analysis• Pause Analysis

Devices • Devices On• Devices Standby• Devices Off• Automatic Devices On

Sequence Operations • Run Sequence• Batch Sequence• Import Sequence• Export Sequence• Run This Sample

File File Save

Print Print Sequence

Instrument Setup






Dataset Application • Dataset Selection Displayed at Startup• Dataset Selection Allowed in Menu• Allow New Dataset

File File Save

Print Print Instrument Method

Library Manager




Dataset Application • Dataset Selection Displayed at Startup• Allow New Dataset

Manage Libraries • Add Library• Delete Library• Archive Library

Convert Libraries Convert Library

Processing Setup





File File Save

Print Print Processing Method

Options • Change Chromatography Type• Calibration Options• Delete Selected Component

Programs Program Changes

Qual Browser









Layout Usage • Apply Layout• Apply Default Layout• Save Layout• Save Layout as Default • Restore Factory Default

Tools Add Tools

Edit • Copy View to Clipboard.• Copy Special to Clipboard• Copy Cell to Clipboard

Print Print Cells

Quan Browser





Export Export Processing Method

Export Data to Excel • Export Short Excel Report• Export Long Excel Report

View All Samples • Show All Samples• Show Standard and QC Sample Types

Options Delete Selected Component

Results Grid • Delete Selected Samples• Add Samples• Copy Row





File File Save

Save All Save All Result Files

Print Print Reports

Queue Manager





Queue • Pause Queue• Resume Queue• Purge Queue

Analysis Remove From Queue

Subtract Background





Operation Proceed

Xcalibur Configuration




Customer Info Print User Info





Allow Access to Tabs • Folders• Customer Info• Fonts• Peak Detection• Mass Options• Labeling and Scaling• Intelligent Shutdown• Dataset List

Reset Reset Allowed

Instrument Configuration




Instrument Operations • Add Instrument• Remove Instrument• Configure Instrument

File Converter





Convert Button Convert Button Check

XReport







In addition, the Authorization Manager contains the following dialog boxes:


• Create Private Group and Edit User List Of Private Group Dialog Boxes

• Comment List Dialog Box

• Users In Group Dialog Box

Choose Secure Group Dialog Box

Use the Choose Secure Group dialog box to select a secure user group so you can copy the complete set of permission levels to another group.

Create Private Group and Edit User List Of Private Group Dialog Boxes

Use the Create Private Group dialog box to create a new private (local) group and to add users to the group. After you create a private group, use the Edit User List Of Private Group dialog box to add or remove users from the group.

Table 20. Choose Secure Group dialog box parameters


Secure Group View the list of secure user groups. When you select a group and click OK, the complete set of permission levels for the group is copied to the group selected in the Secure Groups list in the Authorization Manager.

Table 21. Create Private Group dialog box parameters (Sheet 1 of 2)


System Group Select a domain name.

Users In System Group View the user accounts in the selected domain.

Group Name View the name of the new private group.

Users in Private Group View users in the new private group.



Comment List Dialog Box

Use the Edit Comment List dialog box to define a list of comments that a user must select from for features that require entering a comment.

Users In Group Dialog Box

Use the Users In Group dialog box to view the users in a domain or workstation logon group. Because the domain administrator controls membership in these groups, the lists in this dialog box are read-only. See your domain administrator to make changes to domain or workstation logon groups.

New Comment Dialog Box

Use the New Comment dialog box to add comments to the list of predefined comments.

Buttons

Add Add the currently selected user in the Users In System Group list to the new private group.

Delete Remove the currently selected user in the Users in Private Group list.

Table 21. Create Private Group dialog box parameters (Sheet 2 of 2)


Table 22. Edit Comment List dialog box parameters


Comment View the predefined comments in the order that they appear to the user.

Buttons

Add New Comment Define a new comment.

Remove Comment Delete the currently selected comment in the Comment list.

Move Up Move the selected comment up one position in the Comment list.

Move Down Move the selected comment down one position in the Comment list.

Table 23. Users In Group dialog box parameters


Users In Group Users who are currently in the domain logon group.

Users Not In Group Users who are not currently in the domain logon group.

Table 24. New Comment dialog box paramters


Enter A New Comment Enter a new comment to be added to the Comments list.



Thermo Foundation CRC Validator

Use the CRC Validator to compare the cyclic redundancy check (CRC) value stored in the database with the one calculated for the current file or files on the hard disk.

Table 25. CRC Validator parameters (Sheet 1 of 2)


File Selection

Files Matching Database Filter

Select files by using the filter shown in the Database Filter box.

Edit Filter Specify how you want to filter the entries in the Audit Viewer or in the CRC Validator.

Database Filter View the current database filter. This box is read-only.

The default filter is the last selected dataset name. To change the filter, click Edit Filter.

Files Matching Pattern Select files matching the file pattern listed in the File Path and File Name lists.

File Path The path to files to be checked. You can enter the path manually or click Browse to select the path.

File Name The name of the file to check. You can use a wildcard character to represent one or more characters in the file name. Use an asterisk (*) as a substitute for zero or more characters. Use a question mark (?) as a substitute for a single character in the file name. You can also select a common file extension from the list.

Include Subfolders To include all subfolders in the search for matching files.

Check Results

View the results of the comparison of the CRC value for each selected file. The table includes the name of the file tested, the status of the check, and the full path to the file.

File Name View the name of the file tested, including the extension.

Status View the status of the check. The status value is one of the following:

CRCs Match: The CRC stored in the database matches the CRC just calculated for the file.

CRCs Do Not Match: The CRC stored in the database does not match the CRC just calculated for the file. Most likely, the file has been modified since the tracking record was created.

File Not In Database: The file was found on the hard disk but was not found in the database. It might not be a tracked file.

File Not On Disk: The file was found in the database but was not found on the hard drive. The file might have been deleted or archived.

Folder Name View the full path to the file.

Files Tested View the total number of files tested.



The CRC Validator also contains the “Filter Entries Dialog Box” on page 89.

Not In Database View the number of files that were not found in the database.

Not On Disc View the number of files that are in the database but could not be found on the disk.

CRCs Match View the number of files where the CRC value stored in the database matches the CRC just calculated for the file.

CRCs Differ View the number of files where the CRC value stored in the database does not match the CRC just calculated for the file.

Buttons

Check Start the comparison of the CRC value stored in the database with the one calculated for the specified file or files on the hard disk.

Print Print the CRC validation report. The report contains the filter or file mask used and the time and date that the report was produced.

Table 25. CRC Validator parameters (Sheet 2 of 2)



I

Index

Aaccess

restricting to folders and files 10allowed (permission level), definition 33archiving files 27audit log, requiring comments for 35Audit Viewer

filtering entries 49Instrument Error Page 86printing entries 51sorting entries 50starting from Windows desktop 46tabs 48use for auditing 45

Auditing Database Configuration Manager wizard, showing restart settings 3

auditing databases, accessing 46auditing databases, configuring 2Authorization Manager

history log for 38printing security settings in 38saving controlled feature settings in 38using 30

Automatic Logoff feature 22Automatic Logoff Setup dialog box 22

Ccomments, requiring 35configuration file 38configuring the auditing database 2controlling user access through secure user groups 31CRC Validator, checking files with 40Create private group dialog box, using 32cyclic redundancy check (CRC) 39

Ddatabase filters, selecting files using 41database, configuring auditing 2

DatabaseConfigManager dialog box 3databases

Global Auditing database, accessing 45workbook database, accessing 45

disallowed (permission level), definition 33disallowed state, changing appearance of 34domain logon groups

defining as secure 32definition 30

Eexporting permissions 36

Ffiles

configuring security settings for 10removing and archiving 27

Filter Entries dialog box 49filters, selecting files using 41Finnigan Security Server

confirming properties of 7functions 7

Finnigan Security Server Properties dialog boxLog On page 8

foldersconfiguring security settings for 10permissions, inheriting 10

GGlobal Auditing database 46

Hhistory log for Authorization Manager 38

Iimporting permissions 36inheriting permissions 36


Index: L

Instrument Configuration dialog box 72Instrument Error page, Audit Viewer 86

LLibrary Manager dialog box 77logging on and off 22

Mmulti-user logon 22

OOut Of Date Instrument Drivers Detected dialog box 73

Ppassword (permission level), definition 33patterns, using to select files 43permission levels

Allowed, definition 33definition (table) 33Disallowed, definition 33exporting 36importing 36inheriting 36lost when user group deleted 35Password, definition 33retained when user group moved 35setting 33setting all 36setting all features to same 35Signature list, definition 33Supervisor password, definition 33

permissions, for folders and filessetting 15settings for administrators 16

printing security settings 38private groups

creating 32defining as secure 32definition 30editing 33

Rremoving files 27

Ssaving controlled feature settings 38security folder, configuration file and 38security server

See Finnigan Security Serversecurity settings

folders and files 10printing from Authorization Manager 38

selecting files using a pattern 43selecting files using database filters 41Sequential User Logon feature 22Set To Same button 35signature list

definition 35order of password dialog boxes and 35

signature list (permission level), definition 33Sort Entries dialog box 50Status values for CRC Validation 41Supervisor Password (permission level), definition 33

TThermo File Converter dialog box 74

Uuser authentication 7user groups

defining 31editing 33planning 30single user belonging to multiple 30

Wworkbooks, auditing databases 46
