GeneMapper ID-X Software Version 1.0

Transcription

1 Administrator s Guide GeneMapper ID-X Software Version 1.0 Note: To improve the clarity of graphics in this PDF file, use the zoom tool to increase magnification to 150% or greater.

2

3 Administrator s Guide Setting Up User Accounts and User Access GeneMapper ID-X Software Version 1.0 Managing the Auditing System Managing the E-Signature System Maintaining the Software and Database Application

4 Copyright 2007, Applied Biosystems. All rights reserved. For Research Use Only. Not for use in diagnostic procedures. Information in this document is subject to change without notice. Applied Biosystems assumes no responsibility for any errors that may appear in this document. APPLIED BIOSYSTEMS DISCLAIMS ALL WARRANTIES WITH RESPECT TO THIS DOCUMENT, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THOSE OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL APPLIED BIOSYSTEMS BE LIABLE, WHETHER IN CONTRACT, TORT, WARRANTY, OR UNDER ANY STATUTE OR ON ANY OTHER BASIS FOR SPECIAL, INCIDENTAL, INDIRECT, PUNITIVE, MULTIPLE OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH OR ARISING FROM THIS DOCUMENT, INCLUDING BUT NOT LIMITED TO THE USE THEREOF. Notice to Purchaser: License Disclaimer. Purchase of this software product alone does not imply any license under any process, instrument or other apparatus, system, composition, reagent or kit rights under patent claims owned or otherwise controlled by Applera Corporation, either expressly, or by estoppel. Applera, Applied Biosystems, AB (Design), and GeneMapper are registered trademarks of Applera Corporation or its subsidiaries in the U.S. and/or certain other countries. This product includes software developed by the Apache Software Foundation. This product includes software developed by the ExoLab Project. JNIRegistry is copyrighted by ICE Engineering, Inc. Microsoft and Windows are registered trademarks of Microsoft Corporation. Oracle is a registered trademark of Oracle Corporation. All other trademarks are the sole property of their respective owners. Part Number Rev. A 09/07

5 Contents Preface vii How to Use This Guide vii How to Obtain More Information ix How to Obtain Support x Chapter 1 Setting Up User Accounts and User Access GeneMapper ID-X Software Electronic Data Chain-of-Custody Systems Overview of the Security System Default User Accounts, Profiles, User Groups, and Security Groups Default Profiles Default Security Groups Default User Groups Default User Accounts Getting Started Starting the Security Manager Setting Password Policies Setting Up User Accounts Using Default User Accounts Creating New User Accounts Creating a User Account for Autoanalysis Using Security Groups to Control Data Access Customizing Profiles Creating Profiles Editing or Deleting Profiles Profile Elements Customizing User and Security Groups Creating User Groups iii

6 Creating Security Groups Maintaining User Accounts Editing User Accounts Changing the Password for a User Account Deleting a User Account Activating, Deactivating, and Suspending User Accounts.. 40 Viewing the Security Report Exporting and Importing the Security Settings Chapter 2 Managing the Auditing System Overview of the Audit System Default Audit Map Settings Using the Audit Map Starting the Audit Manager Configuring the Audit Map Printing an Audit Map Settings Report Audit Map Elements Viewing Audit History Records Starting the Audit History Viewer Creating Audit Record Queries Performing Audit Record Queries and Viewing Audit Records Example Audit Records Printing Audit Records Backing Up, Removing, and Restoring Audit Records Chapter 3 Managing the E-Signature System Overview of the Electronic Signature (E-Signature) System Default E-Signature Settings Configuring the E-Signature System Starting the E-Signature Manager Enabling the E-Signature Function Configuring E-Signature Actions E-Signature Action Maps iv

7 Viewing E-Signature Records Specifying E-Signature Queries Performing E-Signature Queries and Viewing E-Signature Records Printing E-Signature Records Backing Up, Removing, and Restoring E-Signature Records Chapter 4 Maintaining the Software and Database Application 75 Maintenance Overview Recommended Maintenance Schedule Using and Maintaining the Oracle Database Database Access Maintaining the Database Using the Database Dashboard Software Dashboard Features Setting a Dashboard Password Starting the Database Dashboard Reviewing the Database Statistics Allocating Disk Space Options for Creating More Disk Space Allocating Additional Disk Space Viewing Project Statistics Backing Up the Database When to Back Up the Oracle Database Backing Up (Exporting) the Database Restoring (Importing) the Database Generating a Database Report Appendix A Operating the Software from a Command Line Operating the Software from a Command Line Creating a Batch File to Run the Command-Line Interface.. 93 Example Batch File Running the Batch File Example Commands v

8 Example #1: Analyze Sample Files Example #2: Analyze Sample Files with Named Ladders Example #3: Export Project Data Example #4: Export Sample Plot to PDF Command-Line Arguments Index vi

9 Preface How to Use This Guide Purpose of This Guide This guide describes the procedures for configuring and maintaining the following administrative tools of the GeneMapper ID-X Software Version 1.0 (v1.0) after it is installed: Security Manager (Chapter 1) Use this tool to control a user s access to the GeneMapper ID-X Software, to functions in the software, and to data (projects, plot settings, table settings, kits and panels, report settings, size standards, analysis methods). Audit Manager (Chapter 2) Use this tool to configure the auditing system to create and record an audit trail for changes (create/modify/delete) to data. Esig Administrator (Chapter 3) Use this tool to configure the electronic signature system that requires users to sign-off on changes to data. Database Dashboard (Chapter 4) Use this tool to monitor real-time information about database performance, space utilization, and operating systems usage. You can also allocate additional disk space and back up the database. Note: For instructions on configuring the software to prepare for analysis, see the GeneMapper ID-X Software v1.0 Human Identification Getting Started Guide. Audience Assumptions This guide is written for laboratory personnel responsible for configuring and maintaining the GeneMapper ID-X Software. This guide assumes that you have a working knowledge of the Microsoft Windows operating system. vii

10 Preface How to Use This Guide Text Conventions User Attention Words This guide uses the following conventions: Bold indicates user action. For example: Enter 0, then press Enter for each of the remaining fields. Italic text indicates new or important words and is also used for emphasis. For example: Before analyzing, always prepare fresh matrix. A right arrow bracket ( ) separates successive commands you select from a drop-down or shortcut menu. For example: Select File Open Spot Set. Right-click the sample row, then select View Filter View All Runs. Two user attention words appear in Applied Biosystems user documentation. Each word implies a particular level of observation or action as described below: Note: Provides information that may be of interest or help but is not critical to the use of the product. IMPORTANT! Provides information that is necessary for proper instrument operation, accurate chemistry kit use, or safe use of a chemical. Examples of the user attention words appear below: Note: The size of the column affects the run time. Note: The Calibrate function is also available in the Control Console. IMPORTANT! To verify your client connection to the database, you need a valid Oracle user ID and password. IMPORTANT! You must create a separate Sample Entry Spreadsheet for each 96-well plate. viii

11 Preface How to Obtain More Information How to Obtain More Information Related Documentation The following related documents are shipped with the software: GeneMapper ID-X Software Version 1.0 Installation Guide Describes how to install the software. GeneMapper ID-X Software Version 1.0 Human Identification Getting Started Guide Explains how to set up the software, configure software settings, create projects, analyze example data provided with the GeneMapper ID-X Software, and view, interpret, and export results. GeneMapper ID-X Software Version 1.0 Online Help Describes specific software features and provides procedures for common tasks. GeneMapper ID-X Software Version 1.0 Reference Guide Describes peak detection and allele calling algorithms, quality values, and software optimization, validation, and verification. GeneMapper ID-X Software Version 1.0 Quick Reference Guide Provides basic workflows and compatibility information for use while using the software. Portable document format (PDF) versions of this guide and the other documents are available on the GeneMapper ID-X Software Version 1.0 Documentation CD. Note: For additional documentation, see How to Obtain Support on page x. Send Us Your Comments Applied Biosystems welcomes your comments and suggestions for improving its user documents. You can your comments to: ix

12 Preface How to Obtain Support How to Obtain Support For HID support, you can send an to or call option 1. For HID support outside North America, contact your local support office. For the latest services and support information for all locations, go to then click Support. At the Support page, you can: Access worldwide telephone and fax numbers to contact Applied Biosystems Technical Support and Sales facilities. Search through frequently asked questions (FAQs). Submit a question directly to Technical Support. Order Applied Biosystems user documents, MSDSs, certificates of analysis, and other related documents. Download PDF documents. Obtain information about customer training. Download software updates and patches. x

13 Chapter 1 Setting Up User Accounts and User Access Chapter 1 Setting Up User Accounts and User Access Chapter 2 Managing the Auditing System This chapter covers: GeneMapper ID-X Software Electronic Data Chain-of- Custody Systems Overview of the Security System Default User Accounts, Profiles, User Groups, and Security Groups Getting Started Setting Up User Accounts Using Security Groups to Control Data Access Customizing Profiles Customizing User and Security Groups Maintaining User Accounts Viewing the Security Report Exporting and Importing the Security Settings Chapter 3 Managing the E-Signature System Chapter 4 Maintaining the Software and Database Application 1

14 Chapter 1 Setting Up User Accounts and User Access GeneMapper ID-X Software Electronic Data Chain-of-Custody Systems GeneMapper ID-X Software Electronic Data Chain-of-Custody Systems The GeneMapper ID-X Software contains three systems that assist with chain-of-custody of electronic data. These systems can be custom-configured or turned off by the GeneMapper ID-X Software System administrator as needed: Security system Controls user access to software functions and data, and allows custom configuration that meets the datasharing needs of your laboratory (described in this chapter) Auditing system Tracks changes and provides audit history reports (described in Chapter 2) E-signature system Requires user-authentication before changes are saved (described in Chapter 3) 2

15 Chapter 1 Setting Up User Accounts and User Access Overview of the Security System Overview of the Security System The GeneMapper ID-X Software security system allows you to control user behavior by specifying: What data a user can access, based on the user and security Group(s) the user belongs to. What functions a user can perform, based on the user profile. A user with an Admin profile sets up user accounts, profiles, user groups, and security groups using wizards in the Access Control Administration window. Security System Components The four components of the security system are defined below. Table 1 Components of the security system Component User Account Profile User Group Security Group Description All users log in to the GeneMapper ID-X Software with a user account created by the GeneMapper ID-X system administrator. A profile defines the set of software functions that a user is allowed to perform. For example, profiles can allow or deny a user the right to view, create, edit, delete analysis methods, or analyze data. The system administrator configures profiles, or uses default profiles provided with the software. When the system administrator creates a user account, the administrator assigns a profile to the user. Users can have only one profile. User groups are associated with security groups, which control the data a user can access. Users can access data assigned to a security group only if their user group is associated with the security group. The system administrator defines user groups or uses default user groups provided with the software. When a user account is created, the user must be assigned to at least one user group, but the user can be assigned to several groups. Security groups determine the data that user groups can access. A user group must be associated with at least one security group, but can be associated with several. A user can access only data (for example, analysis methods, panels, size standards, matrices, or projects) that have been saved with a security group that is associated with one of the user groups to which the user belongs. 3

16 Chapter 1 Setting Up User Accounts and User Access Overview of the Security System In summary: Each user has only one profile. Each user belongs to one or more user groups and each user group is associated with one or more security groups. Security groups associated with a user group and data determine the data a user can access. Therefore: A user can access the data in a security group that is associated with any of the user groups to which the user belongs. A user can perform any of the software functions permitted by the user s profile. User Profile A user can perform actions allowed by the user s profile User Group Security Group Security Group Users A Data C cannot access A Security Groups B Users in a user group can access the data of the security groups associated with the user group Data Access Control Security groups control access to any of the following items: Projects Report settings Plot settings Size standards Table settings Analysis methods Panels and bin sets Matrix files Items are associated with a security group when a user creates or edits, then saves the item (described on the next page). 4

17 Chapter 1 Setting Up User Accounts and User Access Default User Accounts, Profiles, User Groups, and Security Groups Associating a Security Group with an Item Whenever users save an item, they must select a security group from a drop-down list in the Save or Save As dialog box. Users can select the GeneMapper ID-X Security Group (available to everyone) or any other security group that they are allowed to use (see below). For example, the figure below shows the drop-down list that appears when a user with access only to the Casework and GeneMapper ID-X security groups saves a new project. Bypassing Security Group Access Control If you do not want to control access to data in your laboratory, instruct all users to specify the GeneMapper ID-X security group when creating projects and settings. All users have access to items associated with the GeneMapper ID-X security group. Default User Accounts, Profiles, User Groups, and Security Groups Applied Biosystems provides default user accounts, profiles, user groups, and security groups so that you can use the security system with minimal set up. You can use the defaults without changes or as a starting point to customize your own security system. Note: If your GeneMapper ID-X Software system administrator has modified the default user accounts, profiles, user groups, and/or security groups, the tables in this section may no longer be accurate. 5

18 Chapter 1 Setting Up User Accounts and User Access Default User Accounts, Profiles, User Groups, and Security Groups The discussion in this section covers the default profiles, user groups, and security groups provided by the GeneMapper ID-X Software. With these defaults, a system administrator can quickly create a working security system. Duplicating Defaults Before Modifying Before modifying a default component of the security system, duplicate it and save it under a new name. To duplicate any default component, open the Security Manager, select the default, then select Edit Duplicate. You will need to duplicate the default user accounts multiple times to provide each user with an account that has a unique or laboratory-specific login name. Relationship Between User Accounts, Profiles, and User Groups A user s account determines what the user can do (profile) and access (user groups). Profiles and user groups must exist before any user accounts are created, so they are presented in this section before user accounts. The GeneMapper ID-X Software system administrator is responsible for maintaining profiles and user groups. The administrator can: Use default profiles and user groups provided by the GeneMapper ID-X Software. Create custom profiles and user groups. Use a combination of defaults and custom profiles, user groups, and security settings. 6

19 Chapter 1 Setting Up User Accounts and User Access Default User Accounts, Profiles, User Groups, and Security Groups Default Profiles The profile that is specified in a user account determines the software functions a user can perform. Four default profiles are provided by Applied Biosystems. Note: If your GeneMapper ID-X Software system administrator has modified or customized the default profiles, they may differ from the defaults described in Table 2. Table 2 Default profiles actions allowed and not allowed Profile Actions Allowed Actions Not Allowed Technician/ Read Only Open, view, and export projects, analysis methods, panels, matrices, and size standards associated with the security groups that the user is permitted to access Generate reports Create, edit, delete, export, and import table settings, plot settings, and report settings associated with the security groups the user is permitted to access Use of the CODIS Export Manager Create projects Add samples to projects Create, edit, or change settings in a project (analysis method, panel, size standard, matrix) Analyze data Override GQ, CGQ, or SQ Edit allele labels Perform Remote Shutdown Add profiles to the Profile Manager Access and manage the Security, Audit Trail, and E-signature systems Analyst All actions allowed to the Technician/Read Only profile, plus: Create, import, edit, or delete projects, panels, matrices, and size standards associated with the security groups that the user is permitted to access Edit sizing range and analysis range in analysis methods Save or Save As analysis methods Add samples to projects Change selections in a project (analysis method, panel, size standard, matrix) Analyze data Edit alleles Override SQ, GQ, and CGQ Create a new analysis method Edit analysis method parameters other than sizing range and analysis range Add profiles to the Profile Manager Access and manage the Security, Audit Trail, and E-signature systems 7

20 Chapter 1 Setting Up User Accounts and User Access Default User Accounts, Profiles, User Groups, and Security Groups Table 2 Default profiles actions allowed and not allowed (continued) Profile Actions Allowed Actions Not Allowed Scientist Admin Profile All actions allowed to the Analyst profile, plus: Create or modify/save analysis methods Add profiles to Profile Manager All possible actions, which include: Access and manage the Security, Audit Trail, and E-signature systems All GeneMapper ID-X Software functions Access and manage the Security, Audit Trail, and E-signature systems None Default Security Groups The security groups specified in a user account determine the: Specific data (for example, analysis methods, panels, size standards, matrices, and projects) a user can access. The Read (view or select) or Update (create, edit, delete, analyze) privileges allowed for the data. The Read/Update privileges associated with a security group can clash with the actions permitted in user profiles (profiles also define read/write privileges). For this reason, all the default security groups defined by Applied Biosystems have both Read and Update privileges. IMPORTANT! There are software functions (for example, changing table or plot settings) that are not covered in profiles. You can use security group Update privileges to control use of these functions. The software contains three default security groups: GeneMapper ID-X (read and update) Casework (read and update) Databasing (read and update) When users create or edit and then save an item, they select a security group from a drop-down list in the Save dialog box. Users can select any of the three default security groups to which they have access. 8

21 Chapter 1 Setting Up User Accounts and User Access Default User Accounts, Profiles, User Groups, and Security Groups Default User Groups Security group definitions are just names. Their significance depends entirely on the user groups they are associated with. When a user saves an item and assigns it a security group, it means that: Any user in any user group that is associated with that security group can access the data. Users who are only in user groups that are not associated with the selected security group cannot access the data. Four default user groups are associated with the default security groups: Note: If your GeneMapper ID-X Software system administrator has modified or customized the default user groups, they may differ from the defaults described in Table 3. Table 3 Default user groups and associated security groups Default User Group Name Security Group/Privileges Read = View or select Update = Create, edit, delete, analyze Accessible Data All Users GeneMapper ID-X /read+update Data assigned to the GeneMapper ID-X security group Casework Users Databasing Users Administrators Casework/read+update GeneMapper ID-X/read+update Databasing/read+update GeneMapper ID-X/read+update Casework/read+update Databasing/read+update GeneMapper ID-X/read+update Admin/read+update Private data assigned to the Casework security group Data assigned to the GeneMapper ID-X security group Private data assigned to the Databasing security group Data assigned to the GeneMapper ID-X security group All data A Practice user group and a Practice security group are also provided for use with the Getting Started Guide. 9

22 Chapter 1 Setting Up User Accounts and User Access Default User Accounts, Profiles, User Groups, and Security Groups Default User Accounts IMPORTANT! If you migrate to the GeneMapper ID-X Software from GeneMapper ID Software v3.1 or 3.2, user accounts from v3.1 or 3.2 are deleted and not available in the GeneMapper ID-X Software. You must create new user accounts in the GeneMapper ID- X Software. Nine default user accounts are provided with the software. Each of these accounts has a profile and one or more user groups assigned. Table 4 shows the characteristics of the type of user who is intended for each of the nine accounts. Note: If your GeneMapper ID-X Software system administrator has modified or customized the default user accounts, they may differ from the defaults described in Table 4. Table 4 Default user accounts Default User Account Name Casework Tech Databasing Tech Casework Analyst Databasing Analyst Casework Tech Lead Databasing Tech Lead gmidx Administrator Intended User User who requires read-only access to the software. This user account does not allow analysis or changes to the software but does allow viewing, reporting, printing, and exporting of data. User who requires access to analyze (with limited ability to change analysis settings), view, edit, report, and print data. User who requires full access to all functions of the software: analyze, view, edit, report, and print data; and all administrative functions: Security Manager, Audit Manager, and E-Sig Manager. Default user account with full access to all functions of the software: analyze, view, edit, report, and print data; and all administrative functions: Security Manager, Audit Manager, and E-Sig Manager. For Applied Biosystems use only. A Practice user account with Scientist Profile is also provided for use with the Getting Started Guide. 10

23 Chapter 1 Setting Up User Accounts and User Access Default User Accounts, Profiles, User Groups, and Security Groups To add a new account for a user that matches one of these descriptions, duplicate the appropriate user account, rename it for that specific user, then assign a new password. Applied Biosystems cannot retrieve passwords. Do not lose the new password for the gmidx account. This account can be used to reset passwords for other accounts. Applied Biosystems cannot reset the password for this account if it is lost. For more detail about the profiles, user groups, and security groups for the default user accounts, see Table 5. Note: If your GeneMapper ID-X Software system administrator has modified or customized the default user accounts, profiles, user groups, and/or security groups, user access may differ from the defaults described in Table 5. Table 5 Default user accounts data access allowed User Account Profile User Groups Belonged To Security Group/Privileges Read = View or select Update = Create, edit, delete, analyze Casework Tech Technician/ Read Only All Users Casework User Group GeneMapper ID-X/read+update Casework/read+update Casework Analyst Analyst All Users Casework User Group GeneMapper ID-X/read+update Casework/read+update Casework Tech Lead Admin Profile All Users Casework User Group GeneMapper ID-X/read+update Casework/read+update Databasing Tech Technician/ Read Only All Users Databasing User Group GeneMapper ID-X/read+update Databasing/read+update Databasing Analyst Analyst All Users Databasing User Group GeneMapper ID-X/read+update Databasing/read+update Databasing Tech Lead Admin Profile All Users Databasing User Group GeneMapper ID-X/read+update Databasing/read+update 11

24 Chapter 1 Setting Up User Accounts and User Access Getting Started Table 5 Default user accounts data access allowed (continued) User Account Profile User Groups Belonged To Security Group/Privileges Read = View or select Update = Create, edit, delete, analyze gmidx Administrator Admin Profile All Users Casework User Group GeneMapper ID-X/read+update Casework/read+update Databasing User Group Databasing/read+update Administrators Admin A Practice user account with Scientist Profile is also provided for use with the Getting Started Guide. It is associated with the Practice user group and Practice security group. Getting Started When you set up the security system for the first time, open the Security Manager and set password policies. Starting the Security Manager Note: User names are not case-sensitive. Passwords are case-sensitive. To access the Security Manager, you must use an account that belongs to the Administrator user group and has an Admin profile, for example, the gmidx account. 1. Select Start All Programs Applied Biosystems GeneMapper GeneMapper ID-X v1.0, then log in. 2. In the Login to GeneMapper ID-X dialog box, enter or select the following administrator account user name and password, then click OK: gmidx, temporary password is password 12

25 Chapter 1 Setting Up User Accounts and User Access Getting Started 3. When prompted, specify a new password. Keep a record of the new password. The gmidx account requires that you set a new password when you log in for the first time. If you follow this procedure after first log in, the password for the account may be different from password. Applied Biosystems cannot retrieve passwords. Do not lose the new password for the gmidx account. This account can be used to reset passwords for other accounts. Applied Biosystems cannot reset the password for this account if it is lost. 4. In the GeneMapper ID-X main window, select Admin Security Manager. 5. In the AdminToolAcc dialog box, log in with the gmidx account listed in step 2, then click OK. The Access Control Administration window opens (below): 13

26 Chapter 1 Setting Up User Accounts and User Access Getting Started The File New Application command and the Applications entry in the navigation pane are for Applied Biosystems only. Using these functions interferes with proper software operation. Setting Password Policies Password policies apply to all user accounts. 1. Start the Security Manager (see page 12). 2. Select Settings Password Policies. 3. In the Password Policies dialog box (below), specify the password settings (see Table 6), then click Save Changes. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. 4. Close and restart the GeneMapper ID-X Software to apply the changed settings. 14

27 Chapter 1 Setting Up User Accounts and User Access Getting Started Table 6 Password policies settings Setting Description Attempts Max Login Attempts Send log message Set User State Remain active Set User State Suspend for min(s) Enter the number of failed login attempts that the software allows before suspending the user account. Works in conjunction with the User State. Records the failed login attempts to the security log. The security information for the GeneMapper ID-X Software is written to the <drive>:\appliedbiosystems\ GeneMapperID-X\GeneMapper_Log.txt file. Disables the Maximum Login Attempts setting. A user is allowed unlimited attempts to log in. Suspends the user account for the specified number of minutes after a user exceeds the maximum login attempts. The user must wait for the specified number of minutes to elapse before attempting another login. Note: If a user exceeds the maximum number of login attempts, you can reactivate the user account before the specified time period elapses as explained in Activating, Deactivating, and Suspending User Accounts on page 40. Password Password Lifetime Password Grace Logins Retires the password of each user account after the specified number of days elapses. If this parameter is not selected, passwords do not expire. Note: After retiring a password, the software automatically prompts the user to create a new password at the next login. Enter the number of times that a user can delay changing the password after the software prompts the user to change it. After a user exceeds the number of specified grace logins, the software requires the user to change the password. Password Reusability Password Reuse Period Passwords kept per user Allows a user to reuse a former password after the specified number of days has elapsed since its last use. Enter the number of former passwords per user that the Security Manager should store. Password Format Minimum Password width Enter the minimum number of characters required in the password (alphanumeric, not case-sensitive). 15

28 Chapter 1 Setting Up User Accounts and User Access Setting Up User Accounts Setting Up User Accounts After setting password policies, you can: Accept and use all the default settings by duplicating a default user account, renaming it, and using it without further modification, or Create an entirely new user account, using any combination of defaults and your own custom settings. Using Default User Accounts To set up your security system using the defaults for user accounts, profiles, user groups, and security groups, follow these steps: 1. Start the Security Manager (see page 12). 2. Select the default user account type that fits the new user (see Table 2, Default profiles actions allowed and not allowed, on page 7), for example, Casework Analyst. 3. Select Edit Duplicate to open the User Properties dialog box (shown on the next page). 4. In the Name field in the General section, replace the name Clone of Casework Analyst(1) with the login name for the new account (for example, User1). The login name is not casesensitive and must be 30 characters. Note: You cannot create a user account with the same name as a user account that has been previously deleted. 16

29 Chapter 1 Setting Up User Accounts and User Access Setting Up User Accounts 5. Set other values: (Optional) Enter a description in the Description field in the General section ( 1023 characters). In the User Details section, enter the user s real name in the Full Name field. (Optional) Select Show EULA if you want the software to display the End User License Agreement (EULA) when the user logs in. Leave Status set to Active. (Optional) Select Pre-Expire, if you want to ensure that a user logging in to an account for the first time is prompted to change the password. 17

30 Chapter 1 Setting Up User Accounts and User Access Setting Up User Accounts 6. Click Set Password. 7. In the Change Password dialog box, enter a new password twice, then click OK. 8. Without making any other changes in the Access Control Administration window, select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. The new user account has the same profile and group associations as the default Casework Analyst user account. Creating New User Accounts Preparing to Use Custom Settings If you will use the default profiles, user groups, and/or security groups, skip to Creating the User Account on page 18. If you want to use custom profiles, user groups, and/or security groups, you must create them before creating new user accounts. To create any custom: Profiles that you want to use, see Customizing Profiles on page 26. User groups and security groups that you want to use, see Customizing User and Security Groups on page 34. User group/security group associations that you want to use, see Creating a New User Group on page 35. Creating the User Account After you create any custom profiles, user groups, and/or security groups that you want to use: 1. Start the Security Manager (see page 12). 2. Select File New User. 18

31 Chapter 1 Setting Up User Accounts and User Access Setting Up User Accounts 3. In the Create User wizard, click Next to open the Name page. 4. In the Name field in the General section, enter the login name for the new account (for example, User1). The login name is not case-sensitive and must be 30 characters. Note: You cannot create a user account with the same name as a user account that has been previously deleted. 5. Set other values: (Optional) Enter a description in the Description field in the General section ( 1023 characters). In the User Details section, enter the user s real name in the Full Name field. (Optional) Select Show EULA if you want the software to display the End User License Agreement (EULA) when the user logs in. Leave Status set to Active. (Optional) Select Pre-Expire, if you want to ensure that a user logging in to an account for the first time is prompted to change the password. 19

32 Chapter 1 Setting Up User Accounts and User Access Setting Up User Accounts 6. Click Set Password. 7. In the Change Password dialog box, enter a new password twice, then click OK. 8. In the Control Properties section, select the profile for the user. 9. Click Next to open the User Groups page (below). 10. Select the user groups for the user. If you have previously associated user groups and security groups (see Preparing to Use Custom Settings on page 18), this selection also designates the security groups for this user. 11. Click Next to see a summary of the account, then click Finish. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. 20

33 Chapter 1 Setting Up User Accounts and User Access Setting Up User Accounts Creating a User Account for Autoanalysis If you perform autoanalysis (the system is configured to automatically collect data, then create, analyze, and save a project), you must create a user account for autoanalysis. IMPORTANT! When you set up the data collection computer for autoanalysis, you are asked to create an autoanalysis user account. You must enter a user name, password, and host computer. For the host computer, enter the name of the GeneMapper ID-X database host, not a client computer. For information on autoanalysis, see the GeneMapper ID-X Software Version 1.0 Installation Guide and the GeneMapper ID-X Software Help. 1. Start the Security Manager (see page 12). 2. Select File New User. 3. In the Create User wizard, click Next to open the Name page. 21

34 Chapter 1 Setting Up User Accounts and User Access Setting Up User Accounts 4. In the Name field in the General section, enter the login name for the new account (for example, Auto1). The login name is not case-sensitive and must be 30 characters. Note: You cannot create a user account with the same name as a user account that has been previously deleted. 5. Set other values: (Optional) Enter a description in the Description field in the General section ( 1023 characters). In the User Details section, enter Autoanalysis in the Full Name field. Deselect Show EULA. Leave Status set to Active. Deselect Pre-Expire. 6. Click Set Password. 7. In the Change Password dialog box, enter a new password twice, then click OK. 8. In the Control Properties section, select the Scientist profile. Note: If you create custom profiles for your system and do not choose to use the Scientist profile, use a profile for autoanalysis with the following minimum privileges: Read privileges for Panel Manager, Size Standard, Analysis Method; Read and Update privileges for creating and analyzing projects. 22

35 Chapter 1 Setting Up User Accounts and User Access Setting Up User Accounts 9. Click Next to open the User Groups page. 10. Associate the user account with any user group. The project that autoanalysis creates, analyzes, and saves is associated with the GeneMapper ID-X security group, which is accessible by all user groups. 11. Click Next to see a summary of the account you just created, then click Finish. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. 23

36 Chapter 1 Setting Up User Accounts and User Access Using Security Groups to Control Data Access Using Security Groups to Control Data Access In the GeneMapper ID-X Software, a user associates Security groups with data items (such as analysis methods, table settings, plot settings, matrices, size standards, or report settings) when the user saves a data item to which he or she has access. Only users in user groups associated with that security group can later access the data items. Using Open Access Using Access Control Changing the Security Group Default If you want all users to have access to all data, instruct your users to select the GeneMapper ID-X security group when they save data. The data associated with this security group are accessible to every user. If you want to restrict user access to data, instruct users to select a security group associated with their user group. For example, you can instruct the users in the Casework user group to select the Casework security group when they save items. The security groups that a user can select to associate with a data item (when saving the data item) include the GeneMapper ID-X security group as the default. However, any user can change the security group that appears as the default choice when he or she saves a data item. 1. In the In the GeneMapper ID-X main window, select File Project Options to open the Options dialog box. 2. Select the General tab. 3. In the drop-down list box in the Data Access Control pane, select the new default. 4. Click OK. The new security group default applies only to the user who reset the default, unless the default is reset by a user who is a member of only one user group (other than the All Users group). In this case, the default applies to all other users who have identical group membership. 24

37 Chapter 1 Setting Up User Accounts and User Access Using Security Groups to Control Data Access For example, if you use accounts like those listed on page 11, and a Casework Tech sets Casework as the new security group default, that will also become the default for Casework Analysts and Casework Tech Leads. All other users continue to have the GeneMapper ID-X security group as default. Changing the Security Group Association for a Data Item In the GeneMapper ID-X Software, a user can change the security group associated with one or more data items if the user s profile allows changing the data items. To change the security group associated with a data item: 1. In the GeneMapper ID-X main window, select Tools GeneMapper ID-X Manager to open the GeneMapper ID-X Manager. 2. Select the appropriate tab, then select the item to change. 3. Click Open. 4. Change the Security Group setting (for items that contain multiple tabs, the Security Group setting is in the General tab). 5. Click OK. Changing the Security Group Association for a Project A user can change the security group associated with a project if the user s profile allows the user to change the project. However, you must save the project with a new name. 1. In the GeneMapper ID-X main window, select Tools GeneMapper ID-X Manager to open the GeneMapper ID-X Manager. 2. Select the Projects tab. 3. Select the project to change. 4. Click Save As. 5. Enter a new name for the project, select a new security group, then click OK. 25

38 Chapter 1 Setting Up User Accounts and User Access Customizing Profiles Customizing Profiles Creating Profiles Profiles determine the software functions that a user can perform. Applied Biosystems recommends that you use the default profiles described in Default Profiles on page 7, even if you use custom user and/or security groups. However, if the default profiles do not suit your needs, you can create custom profiles. This section describes: Creating Profiles Editing or Deleting Profiles Profile Elements To create a custom profile, you can: Duplicate an existing default profile, then edit it to meet your requirements. Create a new profile. Applied Biosystems recommends that you duplicate a default profile, rename it, and then customize it, rather than change the default profile. Duplicating and Editing a Default Profile To base a new profile on an existing default profile (see Table 2, Default profiles actions allowed and not allowed, on page 7): 1. Start the Security Manager (see page 12). 2. In the navigation pane of the Access Control Administration window, select the profile to duplicate. 3. Right-click, then select Duplicate (or select Edit Duplicate). 4. Select the Clone of... profile in the navigation pane. 5. In the Profile Properties section, change the profile s name and modify the settings as desired. 6. Select File Save. 26

39 Chapter 1 Setting Up User Accounts and User Access Customizing Profiles Creating a Profile 1. Start the Security Manager (see page 12). 2. Select File New Profile. 3. In the Create Profile wizard, click Next. 4. Enter a Name ( 30 characters) and Description ( 1023 characters) for the new profile. 5. In the Installed Elements table (shown on the next page), assign permissions to the new profile for the GeneMapper ID-X module based on the actions allowed in profiles, as described in Table 7 on page 30 and Table 8 on page 32: a. For the GeneMapper ID-X module, select OIR (Override Inherited Rights), then select Execute. All functions are automatically set to Execute. See page 28 for an explanation of OIR. b. For each function you want to disable, select OIR (Override Inherited Rights), then deselect Execute. 6. When you finish, click Next, then click Finish to complete the profile setup. 7. Select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. When you create a profile, do not set the FoundationDataCollection module, which is for use by Applied Biosystems only. IMPORTANT! To perform autoanalysis (see Creating a User Account for Autoanalysis on page 21), a user account requires a Scientist profile or equivalent. For a custom profile that permits autoanalysis functions, ensure that its rights are at least equivalent to those of the Scientist profile. 27

40 Chapter 1 Setting Up User Accounts and User Access Customizing Profiles Do not set Select OIR, then Execute, to automatically enable all actions. To disable an action, select OIR for the action, then deselect Execute. Override Inherited Rights (OIR) The permissions listed in the Installed Elements tables can be inherited in one of two ways: All actions ( ) are children of either an action group ( ) or an application ( ). Action groups ( ) are children of applications ( ). Whenever a parent is enabled for the first time, all its children are automatically enabled through inheritance and displayed in the Installed Elements Table Execute column with a gray check mark (disabled). To individually set the state of a child element, select OIR to enable the Execute box. 28

41 Chapter 1 Setting Up User Accounts and User Access Customizing Profiles Editing or Deleting Profiles IMPORTANT! Do not modify the Admin(istrator) profile. 1. Start the Security Manager (see page 12). 2. In the navigation pane of the Access Control Administration window, select the profile to edit or to delete. In the Installed Elements table, to edit the rights for the profile: For each function you want to enable, select OIR (Override Inherited Rights) and Execute (see Override Inherited Rights (OIR) on page 28). For each function you want to disable, select OIR (Override Inherited Rights) and deselect Execute. Note: Table 7 on page 30 and Table 8 on page 32 describe the functions displayed in the Installed Elements table. To delete the profile, select Edit Delete, then click Yes. 3. When you finish, click Next, then click Finish to complete the profile setup. 4. Select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. 29

42 Chapter 1 Setting Up User Accounts and User Access Customizing Profiles Profile Elements If the GeneMapper ID-X Software is installed on a computer that contains other Applied Biosystems software products, the Installed Elements table may contain elements in addition to those listed in Table 7 on page 30 and Table 8 on page 32. All users with an administrator profile have all the permissions in Table 7. These permissions include: Managing user accounts, user groups, security groups, and profiles Using the Audit Manager Using the ESig Manager All GeneMapper ID-X Software functions (described in Table 8 on page 32) Table 7 Profile elements actions allowed in admin profiles Installed Elements ( Application/ Action Group/ Action) Default Rights Admin Tool Acc(ess) Does not affect functions in the GeneMapper ID-X Software. Permissions Determines the default value (all or none) for all elements. All aspects of the Security Manager (Access Control Administration tool). General May Run Application Add User to User Group Associate User Groups with Security Groups Use the general functions of the Security Manager (Access Control Administration tool). Associate User Groups with Users Change Password Policies Import Security Data Export Security Data User Groups Create, modify, or delete user groups ( ). Profiles Create, modify, or delete user profiles ( ). 30

43 Chapter 1 Setting Up User Accounts and User Access Customizing Profiles Table 7 Profile elements actions allowed in admin profiles (continued) Installed Elements ( Application/ Action Group/ Action) Applications IMPORTANT! Do not change. For Applied Biosystems use only. Users Create, modify, or delete user accounts ( ). Security Groups Create or modify security groups ( ). Audit GUI Does not affect functions in the GeneMapper ID-X Software. Permissions All aspects of the Audit Manager, including Audit Map Configuration tool and Audit History Viewer. ESig GUI Does not affect functions in the GeneMapper ID-X Software. All aspects of the ESig Administration tool. 31

44 Chapter 1 Setting Up User Accounts and User Access Customizing Profiles All users have permissions to use some of the GeneMapper ID-X functions. Table 8 lists the defaults for each profile. Table 8 profiles Profile elements actions allowed in technician, analyst, scientist, and admin Installed Elements ( Application/ Action Group/ Action) Technician/Read Only Analyst Scientist Admin Profile Permissions GeneMapper All aspects of the GeneMapper ID-X Software. For information on the elements listed in this column, see GeneMapper ID-X Software v1.0 Help. Administration Use the remote shutdown function. Remote Shutdown Panel Manager Use the functions of the Panel Manager including: READ_PANEL Viewing panels, binsets, and bin UPDATE_PANEL definitions Creating/modifying panels, binsets, and bins Size Standard View and create or modify the size standard definitions stored by the GeneMapper ID-X READ_SIZE_ STANDARD Software. UPDATE_SIZE_ STANDARD 32

45 Chapter 1 Setting Up User Accounts and User Access Customizing Profiles Table 8 Profile elements actions allowed in technician, analyst, scientist, and admin profiles (continued) Installed Elements ( Application/ Action Group/ Action) Technician/Read Only Analyst Scientist Admin Profile Permissions Analysis Method READ_ANALYSIS_ METHOD View and create or modify the analysis methods stored by the GeneMapper ID-X Software. UPDATE_ANALYSIS_ METHOD UPDATE_ANALYSIS_ RANGE UPDATE_SIZING_RANGE SAVE_AS_ANALYSIS_ METHOD Project View and create or modify the projects stored by the GeneMapper ID-X Software. READ_PROJECT UPDATE_PROJECT Profile Manager Create, edit, and delete custom reference and control profiles. READ_PROFILE UPDATE_PROFILE Matrix View and create or modify the matrices stored by the GeneMapper ID-X Software. READ_MATRIX UPDATE_MATRIX 33

46 Chapter 1 Setting Up User Accounts and User Access Customizing User and Security Groups Customizing User and Security Groups This section describes: Creating User Groups Creating Security Groups IMPORTANT! Before using the security groups and user groups you create, test them by creating, modifying, deleting, and viewing data using the appropriate user accounts. User groups, with their associated security groups, determine the data a user can access (described on page 3). Applied Biosystems recommends that you use the default user groups and security groups described in Default User Groups on page 9 and Default Security Groups on page 8. If the default user or security groups do not suit your needs, you can create custom groups. Creating User Groups To create a custom user group, you can: Duplicate an existing default user group, then edit it to meet your requirements, or Create a new user group. Note: Applied Biosystems recommends that you duplicate a default user group, rename it, and then customize it, rather than change the default user group. Duplicating and Editing a Default User Group To base a new user group on an existing default user group (see Default User Groups on page 9): 1. Start the Security Manager (see page 12). 2. In the navigation pane of the Access Control Administration window, select the user group to duplicate. 34

47 Chapter 1 Setting Up User Accounts and User Access Customizing User and Security Groups 3. Right-click, then select Duplicate (or select Edit Duplicate). 4. Select the Clone of... user group in the navigation pane. 5. In the User Group Properties section, modify the settings for the selected user group. 6. Select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. Creating a New User Group 1. In the Security Manager, select File New User Group. 2. In the Create User Group wizard, click Next. 3. Enter a Name ( 30 characters) and Description ( 1023 characters) for the new user group. 4. Select both Read and Update in the Default rights when associated with a Security Group section. Note: This is a default setting applied to the security groups that you add to a user group. You can override the default setting in the Security Group tab. See step Click Next. 6. Select Associate for each user account that you want to associate with the new user group, then click Next. 35

48 Chapter 1 Setting Up User Accounts and User Access Customizing User and Security Groups 7. Associate security groups for this user group: Note: You can associate a security group with a user group at any time. a. Select Associate for each security group that you want to associate with the user group. b. For each associated security group, select: IMPORTANT! Applied Biosystems recommends that you change Read and Update rights in the profile only and always enable both Read and Update rights in the user/security group. Read Allows the user to view or select the data (projects, plot settings, table settings, panels and bin sets, report settings, size standards, analysis methods, and matrix files) associated with the security group associated with the user group. Update Allows the user to create/modify/delete /analyze the data associated with the security groups associated with the user group (consistent with the user s profile). c. Click Next. 8. Click Finish to complete the user group setup. 9. Select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. Deleting User Groups You can delete a user group by selecting Edit Delete. 36

49 Chapter 1 Setting Up User Accounts and User Access Customizing User and Security Groups Creating Security Groups To create a custom security group, you can: Duplicate an existing default security group, then edit it to meet your requirements, or Create a new security group. Note: Applied Biosystems recommends that you duplicate a default security group, rename it, and then customize it, rather than change the default security group. Duplicating and Editing Default Security Groups To base a new security group on an existing default security group (see Default Security Groups on page 8): 1. Start the Security Manager (see page 12). 2. In the navigation pane, select the security group to duplicate. 3. Right-click, then select Duplicate (or select Edit Duplicate). 4. Select the Clone of... security group in the navigation pane. 5. In the Security Group Properties section, modify the settings for the selected security group. 6. Select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. 37

50 Chapter 1 Setting Up User Accounts and User Access Customizing User and Security Groups Creating a New Security Group 1. Start the Security Manager (see page 12). 2. In the Security Manager, select File New Security Group. 3. In the Create Security Group wizard, click Next. 4. Enter a Name ( 30 characters) and Description ( 1023 characters) for the new security group. 5. Click Next. 6. Associate user groups for this security group: Note: You can associate a security group with a user group at any time. a. Select Associate for each user group that you want to associate with the security group. b. For each associated user group, select Read and/or Update to grant rights for the relationship to the security group. IMPORTANT! Applied Biosystems recommends that you control functional access through the profile only and that you enable both Read and Update rights for all security groups. c. Click Next. 7. Click Finish to complete the setup. 8. Select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. Deleting Security Groups You cannot delete a security group. 38

51 Chapter 1 Setting Up User Accounts and User Access Maintaining User Accounts Maintaining User Accounts Applied Biosystems cannot retrieve passwords. Do not lose the new password for the gmidx account. This account can be used to reset passwords for other accounts. Applied Biosystems cannot reset the password for this account if it is lost. Editing User Accounts Note: Applied Biosystems recommends that you duplicate a default user account, rename it, and then customize it, rather than change the default user account. 1. Start the Security Manager (see page 12). 2. In the navigation pane, select the user account of interest. 3. Modify the settings for the selected user account. 4. If you are changing an account name, enter the new name in the Name field. 5. Select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. Changing the Password for a User Account 1. Start the Security Manager (see page 12). 2. In the navigation pane, select the user account. 3. In the User Properties section, set click Set Password. 39

52 Chapter 1 Setting Up User Accounts and User Access Maintaining User Accounts 4. In the Change Password dialog box, enter a password in the Type and Retype fields. The password is not case-sensitive and can contain up to 17 alphanumeric and special characters. 5. Click OK. 6. Select or deselect Pre-Expire. If Pre-Expire is selected, the software prompts the user to enter a new password at the next log in. If Pre-Expire is deselected, the user continues to use the password you entered in step Select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. Deleting a User Account After you delete an account, you cannot retrieve or restore the deleted account, and you cannot create another user account with the same name. An alternative to deleting a user account is to deactivate or suspend the account, as explained in the next section. To delete a user account: 1. In the navigation pane of the Access Control Administration window, select the user account you want to delete. 2. Select Edit Delete. Activating, Deactivating, and Suspending User Accounts You can change the status of a user account if: You want to deactivate a user account without deleting it. A user exceeds the maximum number of failed login attempts, and you want to activate the user account manually. 40

53 Chapter 1 Setting Up User Accounts and User Access Maintaining User Accounts 1. Start the Security Manager (see page 12). 2. In the navigation pane, select the user account of interest. 3. In the Status drop-down list of the User Details section (see below), select the appropriate account status for the user account. Select the desired user account. Select the desired status. Table 9 Account statuses Status Active Inactive Suspended Description The user can log in to and use the software. The user cannot log in. Set by a user with an Admin profile. The user cannot log in. Set by the software when a user exceeds the limit of unsuccessful login attempts. 4. Select File Save. Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. 41

54 Chapter 1 Setting Up User Accounts and User Access Viewing the Security Report Viewing the Security Report About the Security Report The security report summarizes the current Security Manager settings. You can print a summary of one or more components of the security system (such as access rights for a particular user). See below. Note: The Security Manager does not monitor login attempts or other user activity (such as creating projects). To monitor and record user activity, configure the auditing system (see Chapter 2, Managing the Auditing System, on page 45). Printing the Security Report 1. Start the Security Manager (see page 12). 2. In the navigation pane, select a user account or profile. 3. Select File Report. 4. In the Print Access Control Identifiers dialog box, select options to specify the content of the report. 42

55 Chapter 1 Setting Up User Accounts and User Access Viewing the Security Report Entire Access Control Prints a summary of all user accounts, applications, and profiles. Selection only Prints a report of the selected user account, application, or profile selected in the navigation pane of the Security Manager. Print checked objects below Prints a report of one or more of the following elements that you select: Users A report of all user accounts. Applications A report of all applications. User Groups A report of all user groups. Security Groups A report of all security groups. Profiles A report of all profiles. 5. Click Preview to view a preview of the report (see below). 6. Click Print. Otherwise, click Close, then repeat step 4 to modify the report settings as desired. 7. Click Cancel to close the Print Access Control Identifiers dialog box. 43

56 Chapter 1 Setting Up User Accounts and User Access Exporting and Importing the Security Settings Exporting and Importing the Security Settings Transferring Security Settings Between Computers You can export a summary of all security settings to back up or transfer to another computer. The exported security file contains password policies, user accounts, profiles, user groups, and security groups. IMPORTANT! The GeneMapper ID-X Software does not automatically back up the security data when you back up the database. You must back up manually by exporting a file. Applied Biosystems recommends that you back up security settings after you make any change to the system. For more information on backing up, see Chapter 4, Maintaining the Software and Database Application, on page 75. Exporting the Security Settings 1. Start the Security Manager (see page 12). 2. Select File Export Database. 3. In the Save dialog box, enter a file name for the exported file, select Access Control files (.acc), then click Save to export the security settings as an.acc file. 4. In the Export Users dialog box, click OK. Importing the Security Settings IMPORTANT! Importing security settings from an.acc file automatically replaces all existing security settings. 1. Start the Security Manager (see page 12). 2. Select File Import Database. 3. In the Save dialog box, navigate to the appropriate location, select the desired.acc file, then click Open. 4. In the Import Users dialog box, click OK. 44

57 Chapter 2 Managing the Auditing System Chapter 1 Setting Up User Accounts and User Access Overview of the Audit System Default Audit Map Settings Using the Audit Map Viewing Audit History Records Backing Up, Removing, and Restoring Audit Records Chapter 2 Managing the Auditing System Chapter 3 Managing the E-Signature System Chapter 4 Maintaining the Software and Database Application 45

58 Chapter 2 Managing the Auditing System Overview of the Audit System Overview of the Audit System Use the GeneMapper ID-X Software audit system to specify the types of actions you want to audit (for example, allele edits) and the auditing mode (silent, or requiring the user to enter a reason for change). Table 10 The components of the audit system are defined in Table 10. Components of the audit system Audit Map Component (open in GeneMapper ID-X Software by selecting Admin Audit Manager Setting...) Auditing in the GeneMapper ID-X Software Definition Set of instructions specified by the GeneMapper ID-X Software system administrator that defines the types of data to audit, the actions to audit, and whether auditing is On (prompts the user for a Reason for Change) or Silent (tracks the change, but does not prompt the user). The cumulative record of changes to all audited objects. When a user creates or deletes an audited item, the change is tracked. If auditing is On instead of Silent, the user must enter a reason for the change in the Reason(s) for Change dialog box (see figure on next page). When a user changes an audited item (instead of creating or deleting), the dialog box also includes an Apply To All option that applies the reason for change to future changes of the same type, until the project is saved (for example, when editing alleles, the same reason is used for all future edits of alleles until you save the project). IMPORTANT! Audit records are saved only when a user saves the project, analysis method, size standard, or other object being changed. Audit records are not saved when a user clicks OK in the Reasons for Change dialog box. If a user clicks Cancel without saving the change, the software discards all possible audit records. Action Name of the affected audit object attribute Former (Old) and current (New) values of the audit object (if applicable) Reason for the change entered by user 46

59 Chapter 2 Managing the Auditing System Overview of the Audit System Table 10 Components of the audit system (continued) Component Audit History Viewer (open with Admin Audit Manager Report...) Audit Record Backup (open from Admin menu) Definition The tool that provides the GeneMapper ID-X Software system administrator with advanced query options for retrieving and reporting audit records. Described in Viewing Audit History Records on page 57. Allows the GeneMapper ID-X Software system administrator to back up, remove, and restore audit records. Described in Backing Up, Removing, and Restoring Audit Records on page 63. Example Configuration The figure below displays the settings for the Allele audit object. In the example configuration, the audit trail: Does not track the change when a user creates an allele label (Audit State for Created is set to Off). Displays the Reason(s) for Change dialog box when a user deletes an allele label and saves the changes to the project (Audit State for Deleted is set to On). Silently creates a record when a user changes an allele label and saves the changes to the project (Audit State for Modified is set to Silent). Does not track change Tracks change and prompts for reason Tracks change When Audit Records Are Saved Audit records for actions related to a project (for example, editing alleles) are saved when the user saves the project. Audit records for actions not related to a project (for example, creating analysis methods or panels) are saved when the user clicks OK to save the item, then returns to the Project window. IMPORTANT! Audit records are saved only when a user saves the item being changed. Audit records are not saved when a user clicks OK in the Reasons for Change dialog box. If a user clicks Cancel without saving the change, the software discards all possible audit records. 47

60 Chapter 2 Managing the Auditing System Default Audit Map Settings Default Audit Map Settings By default: Allele Edit is set to On and the software prompts for a Reason for Change for allele edits. You can change the state to Silent (tracks the change but does not prompt for a Reason for Change) or Off (does not track the change). All other audited items (primitive, parent items) are set to Off, except for those that are children of other auditable items. Auditable items are related hierarchically. For example, a Kit contains (is a parent of) Panels and Binsets, Panels contain Markers, and Markers contain Bins. In the example above, the attributes named PANEL, BINSET, MARKER, and BIN have their states set to On. This does not mean that they are set to be audited because they are not primitive types (parent items); only primitive object attributes can be selected for auditing. 48

61 Chapter 2 Managing the Auditing System Default Audit Map Settings PANEL, BINSET, MARKER, and BIN have their attribute states set to On to allow one of their primitive types to be enabled for auditing. For example, you can set the modified attribute of the Bin object to On because this attribute is a primitive type. modified attribute is a primitive type and can be audited If the BIN attribute states of all parent objects are not set to On, then the Bin auditing does not occur. All the child Attributes are set to On by default. You do not need to set them to On to audit an object with parents. In Table 11, Elements of the audit map, on page 54, none of the Attributes that are On are primitive types, except for Allele. This means that the only object being audited by default is Allele. 49

62 Chapter 2 Managing the Auditing System Using the Audit Map Using the Audit Map This section describes: Starting the Audit Manager Configuring the Audit Map Printing an Audit Map Settings Report Audit Map Elements (with their defaults) Note: The audit trail does not track printing or exporting. Starting the Audit Manager 1. Start the GeneMapper ID-X Software (Start All Programs Applied Biosystems GeneMapper GeneMapper ID-X v1.0), then log in. 2. In the GeneMapper ID-X main window, select Admin Audit Manager Setting. 3. In the AuditMapConfiguration dialog box, log in with an administrative user name and password (for example, gmidx). 4. Click OK. The Audit Map Configuration window opens. 50

63 Chapter 2 Managing the Auditing System Using the Audit Map Note: The settings on the Auditing menu in this window apply to changes made in the Audit Map Configuration window. If you select On and you make a change in the Audit Map Configuration window, you are prompted for a Reason for Change. If you select Silent, changes are tracked, but without a prompt. You cannot turn auditing of the Audit Map Configuration off. Saving Changes When you close the Audit Map Configuration window, your changes to the audit map are saved. Settings are not applied until you close and restart the GeneMapper ID-X Software. Configuring the Audit Map IMPORTANT! Each audited item generates an audit record that takes up space in the database. Instead of enabling auditing for an action such as modifying an analysis method, consider creating a set of analysis methods with expected settings to minimize the number of audit records that are generated. IMPORTANT! Applied Biosystems recommends that you review the audit map configuration every 6 months and modify them as needed. For more information on routine maintenance, see Chapter 4, Maintaining the Software and Database Application. 1. Start the Audit Manager (see page 50). 51

64 Chapter 2 Managing the Auditing System Using the Audit Map 2. In the Audit Map Configuration window (in the Audit Map Objects pane) select the enabled check box of each object audit. (enabled) Audits all object attributes (created, modified, deleted, and so on) according to their individual attribute states. Note: An object is not audited unless the Enabled check box is selected, even if the State in Attributes list is set to On. 3. For each audit map object that you enable for auditing (only primitive objects can be audited), change its attribute states, as needed: a. Select the audit map object. b. Click the cell in the State column for each attribute you want to modify. A drop-down list appears. c. In the drop-down list, select the attribute state that determines the software behavior when a user performs the action associated with the attribute: On Creates an audit record and prompts the user for the reasons for change. (see page 46). Silent Creates an audit record, but does not prompt the user for reasons. Off Does not create an audit record. 52

65 Chapter 2 Managing the Auditing System Using the Audit Map Note: If you disable an audit map object, the attribute states for the object are shown in italic text and have no effect on the audit status of the object. Note: If you run autoanalysis, auditing for objects set to On is automatically performed in Silent mode (because no user is available to be prompted for Reason for Change). 4. Repeat step 3 for each audit map object that you enable. 5. Close the Audit Map Configuration window. 6. Restart the GeneMapper ID-X Software to apply the settings. Printing an Audit Map Settings Report Audit Map Elements 1. Start the Audit Manager (see page 50). 2. In the Audit Map Configuration window, select File Report. You are prompted for formatting information, then the report prints. Table 11 lists all potential audit map objects, their attributes, the default settings for each attribute, and the audit category to which they belong (items in the same audit category are related to each other). If the GeneMapper ID-X Software is installed on a computer that contains other Applied Biosystems products, the audit map may contain elements additional to those listed in Table 11. Note: The Allele object is the only object enabled by default for auditing. All other audited objects are set to Off, except for those that are children of other auditable items (for example, RUN under the Project object is set to On. Only primitive objects (objects listed in lower case) can be audited. 53

66 Chapter 2 Managing the Auditing System Using the Audit Map Table 11 Elements of the audit map Object Attribute Default State Action Recorded When State Is On or Silent Project analyzed created Off Off Creating, deleting, or changing a project in the Project window, or renaming a project in the Projects tab of the GeneMapper IDX deleted Off Manager. When RUN is activated, auditing for the modified Off Run object (described below) is allowed (you must also enable the Run object and RUN On set its attributes). Audit category: ProjectT Run IMPORTANT! To audit the Run object, you must enable the Project object and set the Project RUN attribute to On or Silent (described above). Sample IMPORTANT! To audit the Sample object, you must enable the Run object and set the Run SAMPLE attribute to On or Silent (described above). created deleted Off Off Adding samples from a new run folder, or deleting all samples in a run folder from a project. SAMPLE On When SAMPLE is activated, auditing for the Sample object (described below) is allowed (you must also enable the Sample object and set its attributes). Audit category: ProjectT ALLELE created On Off Adding, deleting, or modifying samples (change the sample name) in the Project window, or deleting samples from the deleted Off Samples plot. When ALLELE is activated, auditing for the modified Off Allele object (described below) is allowed (you must also enable the Allele object and OverrideGQ Off set its attributes). OverrideCGQ Off When OverrideGQ or Override CGQ is activated, creates a record when a user OverrideSQ Off overrides the GQ PQV or CGQ PQV in the Samples or Genotypes plot. When OverrideSQ is activated, creates a record when a user overrides the SQ PQV in the Size Match Editor. Audit category: ProjectT 54

67 Chapter 2 Managing the Auditing System Using the Audit Map Table 11 Elements of the audit map (continued) Object Attribute Default State Action Recorded When State Is On or Silent Allele IMPORTANT! To audit the Allele object, you must enable the Sample object and set the Sample ALLELE attribute to On or Silent (described above). created deleted On On Modifying allele labels in the Samples or Genotypes plot. Audit category: ProjectT modified On Analysis Method created deleted Off Off Creating, deleting, or modifying an analysis method. Audit category: Analysis MethodT modified Off Kit BINSET created On Off Creating, deleting, or modifying a kit in the Panel Manager. When BINSET or PANEL is activated, deleted Off auditing for the BinSet or Panel object (described below) is allowed (you must also modified Off enable the BinSet or Panel object and set its attributes). PANEL On Audit category: KitT BinSet IMPORTANT! To audit the BinSet object, you must enable the Kit object and set the Kit BINSET attribute to On or Silent (described above). created Off Creating or deleting bin sets using the Panel Manager. deleted Off Audit category: KitT 55

68 Chapter 2 Managing the Auditing System Using the Audit Map Table 11 Elements of the audit map (continued) Object Attribute Default State Action Recorded When State Is On or Silent Panel IMPORTANT! To audit the Panel object, you must enable the Kit object and set the Kit PANEL attribute to On or Silent (described above). Marker IMPORTANT! To audit the Marker object, you must enable the Panel object and set the Panel MARKER attribute to On or Silent (described above). Bin IMPORTANT! To audit the Bin object, you must enable the Marker object and set the Marker BIN attribute to On or Silent (described above). created deleted Off Off Creating, deleting, or modifying panels in the Panel Manager, the Samples plot, or the Genotypes plot. MARKER On When MARKER is activated, auditing for the Marker object (described below) is modified Off allowed (you must also enable the Marker object and set its attributes). Audit category: KitT BIN created On Off Creating, deleting, or modifying markers of a panel in the Panel Manager, the Samples plot, or the Genotypes plot. deleted Off When BIN is activated, auditing for the Bin object (described below) is allowed (you modified Off must also enable the Bin object and set its attributes). Audit category: KitT created deleted Off Off Creating, deleting, or modifying individual bins of the bin sets in the Panel Manager, the Samples plot, or the Genotypes plot. modified Off Audit category: KitT Matrix created deleted Off Off Creating, deleting, or modifying matrices using the GeneMapper ID-X Manager. Audit category: MatrixT modified Off Size Standard created deleted Off Off Creating, deleting, or modifying size standard definitions using the GeneMapper ID-X Manager. modified Off Audit category: SizeStandardT 56

69 Chapter 2 Managing the Auditing System Viewing Audit History Records Viewing Audit History Records This section describes: Starting the Audit History Viewer Creating Audit Record Queries Performing Audit Record Queries and Viewing Audit Records Example Audit Records Printing Audit Records Starting the Audit History Viewer 1. Select Start All Programs Applied Biosystems GeneMapper GeneMapper ID-X v1.0, then log in. 2. In the Login to GeneMapper ID-X dialog box, log in with your user name and password, then click OK. 3. In the GeneMapper ID-X main window, select Admin Audit Manager Report. 4. In the AuditHistoryViewer dialog box, log in with an administrative user name and password (for example, gmidx or Lab Manager). 5. Click OK. The Audit History Viewer window opens (page 58). 57

70 Chapter 2 Managing the Auditing System Viewing Audit History Records User-defined queries Audit objects Audit records for selected object Details for selected Audit record Creating Audit Record Queries 1. Open the Audit History Viewer window (see above). 2. Select File New Query to display the New Query dialog box. 58

71 Chapter 2 Managing the Auditing System Viewing Audit History Records 3. Complete the fields in the New Query dialog box, as needed. You can: Leave a field blank to find all records for a field. Enter a partial string in any field. For example, if you enter modified or Allele in the Audit Record field, the query finds all modified records or all records that relate to Allele edits. Enter a full string in any field to limit the query to specific records. Field Description Example Query Name Name of the query. IMPORTANT! To create a query that lists all audit records, enter a Query Name and leave the remaining fields blank. Full Audit History Old Value Original value before the item is changed. 22 [KitT.AmpFLSTR_Panels_v1.PANEL. Identifiler_v1.MARKER.D2S1338. BASEPAIR SAMPLE.Sample 3.PEAK_ID.1911.ANALYSIS_ID.44] New Value New value after the item is changed. new variant [KitT.AmpFLSTR_Panels_v1.PANEL. Identifiler_v1.MARKER.D2S1338. BASEPAIR SAMPLE.Sample 3.PEAK_ID.1911.ANALYSIS_ID.44] Instance Name of the item. ID_Control Type Audit category SizeStandardT Full Name Full name of user who made the change Audit Record Audit record entry. RUN.identifiler data files.sample.id_control.fsa. ALLELE.new.created Reason Reason for the change that is specified, if audit state was set to On. Change allele label Date From and To Dates for the record. 12/10/ Click OK. The query is listed in the Queries pane of the Audit History Viewer. 59

72 Chapter 2 Managing the Auditing System Viewing Audit History Records Performing Audit Record Queries and Viewing Audit Records 1. Open the Audit History Viewer window (see page 57). 2. Select a query in the Queries pane. 3. Click in the toolbar. 4. In the Audit Objects pane, select the audited item to view records for. 5. To view details for an audit record: a. Click (Audit Record Details icon) in the toolbar to display the Audit Records Details section. b. In the Audit Records section, select a record of interest. c. Examine the Old Value, New Value, and Reason for Change in the Audit Records Details section. 6. (Optional) To show or hide columns, right-click a column header, then specify the columns to show or hide. 7. (Optional) To sort the audit history records in the Audit Records list, click one of the column headers. A triangle ( ) appears inside the column header to indicate the direction of the sort. 60

73 Chapter 2 Managing the Auditing System Viewing Audit History Records Example Audit Records Table 12 Example audit records Audit Category Objects With audit Records Example Audit Records ProjectT Project analyzed deleted Analysis MethodT Run Sample Allele Analysis Method RUN.identifiler data files.created RUN.identifiler data files.deleted RUN.identifiler data files.sample.id_sample3.fsa.overridesq RUN.identifiler data files.sample.id_sample3.fsa.overridegq RUN.identifiler data files.sample.id_neg_cntrl.fsa.deleted RUN.identifiler data files.sample.id_control.fsa.allele.new.created modified KitT Kit deleted Panel BinSet Marker Bin PANEL.Blue_V1.deleted BINSET.YFilerBinSetTest.created PANEL.Yfiler_v2.MARKER.Y_DYS392.deleted PANEL.Identifiler_CODIS_v1.MARKER.CSF1PO.BIN.7.modified MatrixT Matrix created SizeStandardT Size Standard created 61

74 Chapter 2 Managing the Auditing System Viewing Audit History Records Printing Audit Records You can print audit record reports for each object. IMPORTANT! Review audit reports every month. For more information on routine maintenance, see Chapter 4, Maintaining the Software and Database Application. 1. In the Audit History Viewer window, select the object to print from the Audit Objects list. 2. Select File Print Preview. The Select Columns dialog box opens. 3. Select the columns to display in the report, then click OK. The Preview Audit History Records window opens. 4. Click Print to print the report. 62

75 Chapter 2 Managing the Auditing System Backing Up, Removing, and Restoring Audit Records Backing Up, Removing, and Restoring Audit Records This section describes: When to Back Up and Remove Audit Records Backing Up and Removing Audit Records Storing Audit Records Restoring Audit Records When to Back Up and Remove Audit Records Backing Up and Removing Audit Records Routinely review the amount of database space occupied by audit records using the Database Dashboard (see Reviewing the Database Statistics on page 81). As the amount of occupied disk space approaches the maximum limit defined in the software, you must: Increase the amount of disk space, as explained in Allocating Disk Space on page 82, or Back up and remove the audit records, as explained below. IMPORTANT! The GeneMapper ID-X Software automatically backs up the audit data when you back up the database (see Backing Up the Database on page 87). Use this function to selectively back up, then remove audit records to free up space in the database. 1. Select Start All Programs Applied Biosystems GeneMapper GeneMapper ID-X v Log in with an administrative account (for example, gmidx). 3. In the GeneMapper ID-X Software main window, select Admin Audit Manager Backup Audit Records. 4. In the Backup Audit Records dialog box: a. Navigate to the location to which you want to export the audit data. b. Enter a name for the exported audit file (*.aud). c. Click Backup. 63

76 Chapter 2 Managing the Auditing System Backing Up, Removing, and Restoring Audit Records 5. In the GeneMapper ID-X Software main window, select Admin Audit Manager Delete All Audit Records. 6. In the Delete All Audit Records dialog box, click Yes. Storing Audit Records Restoring Audit Records After exporting the audit records file, move the GeneMapper ID-X Software audit file (*.aud) to a storage medium for archiving. If you need to view the archived records, restore the records as explained below, then view them using the Audit History Viewer (see Viewing Audit History Records on page 57). 1. Select Start All Programs Applied Biosystems GeneMapper GeneMapper ID-X v Log in with an administrative account (for example, gmidx). 3. In the main window, select Admin Audit Manager Restore Audit Records. 4. In the Backup Audit Records dialog box, navigate to, then select the desired GeneMapper ID-X Software audit file (*.aud). 5. Click Restore. Note: Restoring audit records does not erase any current records. It adds the restored records to the current records in the audit trail. 64

77 Chapter 3 Managing the E-Signature System Chapter 1 Setting Up User Accounts and User Access This chapter covers: Overview of the Electronic Signature (E-Signature) System. 66 Default E-Signature Settings Configuring the E-Signature System Viewing E-Signature Records Backing Up, Removing, and Restoring E-Signature Records. 74 Chapter 2 Managing the E-Signature System Chapter 3 Managing the E-Signature System Chapter 4 Maintaining the Software and Database Application 65

78 Chapter 3 Managing the E-Signature System Overview of the Electronic Signature (E-Signature) System Overview of the Electronic Signature (E-Signature) System Table 13 The GeneMapper ID-X Software electronic signature (E-Signature) system ensures that only authorized users are allowed to make certain changes (create, modify, or delete) in the GeneMapper ID-X Software. You can configure the types of actions that require user authentication (for example, analyze projects). A user must provide his or her GeneMapper ID-X Software user name and password before changes are saved. The GeneMapper ID-X Software E-Signature system also keeps track of who made certain changes. By comparison, the Audit Manager keeps track of only what was done. The components of the E-Signature system are defined in Table 13. Components of the E-Signature system Component Esig Administrator Electronic Signature Verification Definition Configured by the GeneMapper ID-X Software system administrator to identify the actions that require a signature. When a user performs actions (for example, deleting analysis methods) that have been specified for electronic signature, the GeneMapper ID-X Software automatically displays the Electronic Signature Verification dialog box (see figure on next page). A user authenticates or signs for an action by entering his or her GeneMapper ID-X user name and password. If a user enters the correct password, the GeneMapper ID-X Software performs the requested action and records the electronic signature transaction. 66

79 Chapter 3 Managing the E-Signature System Default E-Signature Settings Table 13 Components of the E-Signature system (continued) Component Definition Electronic Signature Verification (continued) A default warning that indicates the action that prompted signature verification An additional custom message to the user User enters user name User enters password Default E-Signature Settings By default, all E-Signature actions are disabled. Configuring the E-Signature System Note: The E-Signature system does not track printing or exporting of object types. This section describes: Starting the E-Signature Manager Enabling the E-Signature Function Configuring E-Signature Actions E-Signature Action Maps 67

80 Chapter 3 Managing the E-Signature System Configuring the E-Signature System Starting the E-Signature Manager 1. Select Start All Programs Applied Biosystems GeneMapper GeneMapper ID-X v1.0, then log in. 2. In the GeneMapper ID-X main window, select Admin Esig Administrator. 3. In the EsigAdministration dialog box, log in with an administrative user name and password (for example, gmidx). 4. Click OK. The ESig Manager (Administration) window opens. Enabling the E-Signature Function The E-Signature Configuration settings apply to all users. A user with an Admin profile can change settings for all users at any time. 1. Start the E-Signature Manager (see above). 68

81 Chapter 3 Managing the E-Signature System Configuring the E-Signature System 2. The ESig Administration window opens by default to the Configuration tab. 3. For Is Electronic Signature Required?, select Yes. 4. For Method, select UsernamePassword. 5. (Optional) To require the user to enter a user name as part of the electronic signature, select the Require UserID? check box. Otherwise, the software fills the user name field with the name of the user who is currently logged in to the software. 6. (Optional) In the Description field, enter comments for internal use (for example, Configured by Admin ). 7. Select File Save to save the settings. Configure each E-Signature action as described in the next section. 69

82 Chapter 3 Managing the E-Signature System Configuring the E-Signature System Configuring E-Signature Actions Note: Settings are not applied until you close and restart the GeneMapper ID-X Software. By default, all E-Signature actions are disabled. 1. Start the E-Signature Manager (see page 68). 2. In the ESig Administration window, select the Action Administration tab. Enable Esig (disabled) Selected object type Custom message displayed to users when signature requested Actions for the selected actions group Definition text displayed to users when signature requested 3. In the ESig Action Maps pane, define actions that require electronic signature: a. Select a GM_object type. The actions you specify for electronic signature (creating, modifying, deleting) are grouped together, unlike the actions in the Audit Manager, where you can specify actions individually. 70

83 Chapter 3 Managing the E-Signature System Configuring the E-Signature System b. To require electronic signatures for the actions displayed in the Action List, select the Enable Esig check box. Note: You may need to resize the ESig Administration window to see the Enable Esig check box. c. (Optional) In the Electronic Signature Challenge Text box, enter a custom message to the user that displays (for this object type) every time an electronic signature is requested (for example, By entering your user name and password, you are signing this action ). 4. Repeat step 3 for each object type in the ESig Action Maps pane. 5. Select File Save to save the settings. IMPORTANT! Applied Biosystems recommends that you review the E-Signature administration settings every 6 months, and modify them as needed. For more information on routine maintenance, see Chapter 4, Maintaining the Software and Database Application, on page 75. E-Signature Action Maps Table 14 E-Signature action maps Table 14 lists the actions that can be tracked by E-signature. Object Default State Actions Requiring an E-signature (When Enabled) Default Action Group NA Not used in GeneMapper ID-X Software. GM_PROJECT Disabled A project is created, modified, or deleted. GM_CHEMISTRY_ KIT Disabled A chemistry kit is created, modified, or deleted. GM_ANALYSIS_ METHOD Disabled An analysis method is created, modified, or deleted. GM_SIZE STANDARD Disabled A size standard is created, modified, or deleted. GM_MATRIX Disabled A matrix is created, modified, or deleted. 71

84 Chapter 3 Managing the E-Signature System Viewing E-Signature Records Viewing E-Signature Records This section describes: Specifying E-Signature Queries Performing E-Signature Queries and Viewing E-Signature Records Printing E-Signature Records Specifying E-Signature Queries 1. Start the E-Signature Manager (see page 68). 2. In the ESig Administration window, select the History Viewer tab. 3. To view all records, leave blank all fields in the Query Electronic Signature Events section, then click Find. 72

85 Chapter 3 Managing the E-Signature System Viewing E-Signature Records 4. To refine the query of electronic signature records, in the Query Electronic Signature Events pane, enter parameter values: Note: Enter parameter values only in those fields that are relevant to your search. Object Name Enter the name of an object. For example, entering Analysis Method 123 in this field retrieves all events for the analysis method named Analysis Method 123. Object Type Enter the object type. For example, entering analysis method in the Object Type field retrieves events for all analysis methods. User ID Enter the name of a user account to query the electronic signature events created by a specific user. Full Name Enter the full name of a user to query the electronic signature events created by a specific user. Action Group Select an action group to view all events for the group. For example, selecting Action Group GM_ANALYSIS_METHOD retrieves all events created when a user created, modified, or deleted an analysis method. Action After selecting an action group, select an action to further refine the search by isolating it to a specific action of the group. For example, after selecting Action Group GM_ANALYSIS_METHOD, selecting Action DELETE_ANALYSIS_METHOD retrieves all events created in which a user deleted an analysis method. Event Date/Time Enter a date or dates to display records created in a specific time period. 73

86 Chapter 3 Managing the E-Signature System Backing Up, Removing, and Restoring E-Signature Records Performing E-Signature Queries and Viewing E-Signature Records 1. After specifying E-Signature queries in the History View tab of the ESig Administration window, click Find. Note: The Server Time is the local time on the database computer at which the action occurred. The Client Time is the local time on the software computer at which the action occurred. (Typically, these times are similar. However, if you make a change on a client computer in one time zone and the database computer is in another time zone, the times may differ.) Note: The Version field is not used in the GeneMapper ID-X Software. 2. (Optional) In the Events list, select an event to view the Event Details. 3. If you want to run another query, click Clear, then repeat step 1 through step 2. Sorting The GeneMapper ID-X Software 1.0 does not support sorting of E-signature records. Printing E-Signature Records The GeneMapper ID-X Software 1.0 does not support printing E-signature records. Backing Up, Removing, and Restoring E-Signature Records The GeneMapper ID-X Software 1.0 does not support backing up, removing, or restoring E-signature records. 74

87 Chapter 4 Maintaining the Software and Database Application Chapter 1 Setting Up User Accounts and User Access Chapter 2 Managing the Auditing System This chapter covers: Maintenance Overview Using and Maintaining the Oracle Database Using the Database Dashboard Software Reviewing the Database Statistics Allocating Disk Space Viewing Project Statistics Backing Up the Database Generating a Database Report Chapter 3 Managing the E-Signature System Chapter 4 Maintaining the Software and Database Application 75

88 Chapter 4 Maintaining the Software and Database Application Maintenance Overview Maintenance Overview The GeneMapper ID-X Software requires regular maintenance to provide: Optimal performance of the software and database application Protection against data loss (due to hardware or software failure) Recommended Maintenance Schedule The maintenance schedule in Table 15 contains general recommendations for routine maintenance of the GeneMapper ID-X Software. Table 15 Database maintenance activities Frequency Tasks Weekly Exit the GeneMapper ID-X Software and restart the computer. Review the statistics for the database (see page 81), and, if necessary: Export unused projects and data (see GeneMapper ID-X Software v1.0 Online Help) and then delete them. Allocate additional disk space (see page 84). (Optional) Back up the GeneMapper ID-X Software database (see page 87). Monthly Defragment the computer hard drive. As Needed Review password policies, and modify them as necessary (see page 14). If using the auditing system, review the audit map configuration, and modify as needed (see page 50). If using the electronic signature system, review the electronic signature settings, and modify as needed (see page 67). Manage user accounts (see page 39). Manage security groups (see page 37). Manage user groups (see page 34). Manage profiles (see page 29). Back up security settings after making any change to the security system (see page 44). Back up, remove, and restore audit records (see page 63). 76

89 Chapter 4 Maintaining the Software and Database Application Using and Maintaining the Oracle Database Using and Maintaining the Oracle Database This section describes: Database Access Maintaining the Database Oracle Documentation Database Access The Database Dashboard Software provides tools for maintaining and evaluating the performance of the GeneMapper ID-X Software database application. The software is installed with the full version (co-installation, remote autoanalysis, and stand-alone configurations) of the GeneMapper ID-X Software. Do not install any other database applications on the computer running the GeneMapper ID-X Software. If co-installed with the GeneMapper ID-X Software, other database applications can produce unexpected results, including loss of data and corruption of the GeneMapper ID-X Software database application. IMPORTANT! The Oracle Database included in the GeneMapper ID-X Software package should serve as a data repository for this software product only and should not be used for other data storage purposes. Applied Biosystems does not support access to the Oracle Database through any means other than the GeneMapper ID-X Software and associated tools (Database Dashboard, Security Manager, Audit Manager, and E-signature Manager). SQL Support Applied Biosystems does not support the use of SQL (using SQLMGR or SQL*Plus) to query or modify the tables of the GeneMapper ID-X Software database application. 77

90 Chapter 4 Maintaining the Software and Database Application Using and Maintaining the Oracle Database API Support The GeneMapper ID-X Software does not include an application programming interface (API) for linking the GeneMapper ID-X Software database application with a LIMS. However, the GeneMapper ID-X Software can export data from the database in a variety of formats, many of which can be imported by major third-party data storage and analysis applications. Note: The GeneMapper ID-X Software includes a command-line interface that can be useful when integrating the software into an existing LIMS. The interface allows you to automate most of the software operations using a scripting language or batch file so that most maintenance and data-entry tasks can be minimized or eliminated. For more information, see Appendix A, Operating the Software from a Command Line, on page 91. Maintaining the Database Use the Database Dashboard software (described on page 79) to perform routine maintenance. You do not need Oracle training to use the Database Dashboard software. However, Applied Biosystems recommends that the maintenance of the Oracle Database be performed by a certified Oracle Database Administrator. Advanced Oracle Database Tools Oracle Documentation The Oracle Corporation provides tools to optimize the performance of the Oracle Database. Applied Biosystems recommends use of these tools only by a certified Oracle database administrator. Additional documentation for the Oracle Database is available at 78

91 Chapter 4 Maintaining the Software and Database Application Using the Database Dashboard Software Using the Database Dashboard Software The Database Dashboard Software installed with the full version of the GeneMapper ID-X Software (software and database) provides tools for maintaining the GeneMapper ID-X Software database that reside in the Oracle Database. Note: The Database Dashboard software is not installed on client computers. This section describes: Dashboard Features Setting a Dashboard Password Dashboard Features The Database Dashboard includes the: Dashboard tab Provides information about database performance, space utilization, and operating systems usage. The traffic light displays the current state of the database. Report tab Provides a comprehensive view for troubleshooting the Oracle Database database. The top of the report provides a list of potential problems that the Database Dashboard software identifies. Administration tab Provides a limited set of database administration functions. GeneMapper ID-X tab Provides statistical summaries and tools for the GeneMapper ID-X Software database. 79

92 Chapter 4 Maintaining the Software and Database Application Using the Database Dashboard Software Setting a Dashboard Password On all multi-user database computers, log in to the Database Dashboard and set a password to ensure that only authorized users can access the Database Dashboard software. Note: The Database Dashboard software is not installed on client computers. 1. Select Start All Programs Applied Biosystems Database Dashboard Dashboard. 2. Click Yes when asked if you want to set a password. 3. Enter the password: password. 4. Click OK. IMPORTANT! Do not lose the password for the Database Dashboard software. Applied Biosystems cannot retrieve passwords. Starting the Database Dashboard Note: You must log in to GeneMapper ID-X Software at least once before starting the Database Dashboard for the first time. 1. Select Start All Programs Applied Biosystems Database Dashboard Dashboard. 2. Enter the password specified by the GeneMapper ID-X Software system administrator after the software was installed. IMPORTANT! Do not lose the password for the Database Dashboard software. Applied Biosystems cannot retrieve the passwords. Note: To change or set the password at any other time, select Database Set Password. 80

93 Chapter 4 Maintaining the Software and Database Application Reviewing the Database Statistics Reviewing the Database Statistics Review database statistics weekly to determine if database maintenance is required. 1. Start the Database Dashboard (see page 80). 2. In the Database Dashboard window, select the GeneMapper ID-X tab. 3. Select the Database Statistics tab (see below). The Database Statistics table displays statistics for the GeneMapper ID-X Software database. The statistics are approximate values that are calculated based on the space that is allocated for the database, including tables and indexes. The columns of the Database Statistics table provide storage space information on the three tables (Audit Data, Project Data, and Reference Data) used by the GeneMapper ID-X Software database to store data. Table Name Audit Data Project Data Reference Data Stored Content Audit records generated from changes made to the software (if auditing is turned on). Projects, including samples and results data. Supporting data (analysis methods, size standards, panels, bin sets, matrices, and so on). 81

94 Chapter 4 Maintaining the Software and Database Application Allocating Disk Space 4. Review the content of the Database Statistics table for each category of data and determine whether or not database maintenance is required, based on the instructions in the following table: Used(%) Value (Used/ Allocated) Auto Extend Value Required Action >80% Yes Allocate more space for data as explained in Allocating Additional Disk Space on page 84, if: Used (MB) is approaching Allocated (MB), or Free disk space on the current drive is low. Allocate space on another drive. No Allocate more space for data, as explained in Allocating Additional Disk Space on page 84. <80% N/A No maintenance required Allocating Disk Space This section describes: Options for Creating More Disk Space Allocating Additional Disk Space The Database Dashboard allows you to allocate additional space on the hard drive of a a computer that does not contain Data Collection Software. The Allocation feature is not available if the GeneMapper ID-X Software is co-installed with the Data Collection Software. 82

95 Chapter 4 Maintaining the Software and Database Application Allocating Disk Space Options for Creating More Disk Space When the Used (%) value of any database table approaches 80%: Allocate additional hard disk space for the GeneMapper ID-X Software database, or Export and delete existing data objects to provide more room for new projects and settings. Note: If available space on the computer s hard disk is insufficient for allocation, you must export and remove data. Table 16 indicates the data objects that you can export to increase the free space of the corresponding GeneMapper ID-X Software database tables. Table 16 Exportable data objects Table Name Audit Data Project Data Exportable Data Objects Audit records Projects Reference Data Analysis methods Binsets Matrices Kits, panels, and markers Plot settings Size-standard definitions Report settings Table settings To export audit data, see Backing Up, Removing, and Restoring Audit Records on page 63. To export project data and reference data, see the GeneMapper ID-X Software Help. 83

96 Chapter 4 Maintaining the Software and Database Application Allocating Disk Space Allocating Additional Disk Space 1. Start the Database Dashboard (see page 80). 2. In the Database Dashboard window, select the Dashboard tab. 3. In the Connections pane, determine if any users (clients) are logged on to the GeneMapper ID-X Software. 4. Before you continue, instruct all users to log off the GeneMapper ID-X Software. 5. Select the GeneMapper tab, then select the Database Statistics tab. 6. At the bottom of the Database Dashboard, select the Default Allocation tab. Note: The Allocation feature is not available if the GeneMapper ID-X Software is co-installed with the Data Collection Software. 7. In the Available Drives drop-down list, select a drive. 84

97 Chapter 4 Maintaining the Software and Database Application Allocating Disk Space 8. In the Table Space drop-down list, select a database table. Note: The Project Data table has three subdivisions that can be allocated separately in the Custom Allocation tab to optimize allocation. For information on refining the allocation of the Project Data tables, see the Database Dashboard Help. 9. In the Add Disk Space (MB) scroll box, click the up (down) arrow to increase (decrease) the disk space for the selected table space. You can also enter a number. IMPORTANT! After disk space has been allocated by clicking Allocate, the disk space cannot be reduced. You can use the allocation feature at a later date to increase the allocated space further, but you cannot undo a previous disk space allocation. 10. Click Allocate. 85

98 Chapter 4 Maintaining the Software and Database Application Viewing Project Statistics 11. In the Alert dialog box, click Yes. IMPORTANT! Allocating disk space cannot be undone. 12. Wait until the progress bar indicates that the allocation is complete, then select Database Refresh (or press Alt+R) to refresh the screen and verify that the software has updated the Database Statistics table. Viewing Project Statistics Use the Database Dashboard Software to view summary statistics for the projects that are stored by the GeneMapper ID-X Software database. 1. Start the Database Dashboard (see page 80). 2. In the Database Dashboard window, select the GeneMapper tab. 3. Select the Project Statistics tab to display the project types and number of samples for each project type. 86