1 Introduction
Prerequisites to Configuring the System
Thermo Scientific LCquan Administrator Guide 7
Secure User Groups
The LCquan application requires both the security features of the Windows 7 operating
system and the Thermo Foundation Authorization Manager to define the LCquan secure user
groups and permissions. Typically, the IT professional is responsible for establishing Windows
user accounts and user groups. The laboratory administrator is responsible for setting up the
permission levels in the Authorization Manager and, if necessary, private groups.
• Windows user groups
– The IT professional creates and manages domain user accounts and user groups. Go
to Scenarios for LCquan sample acquisition, scenarios B and C.
– You or the IT professional can create standalone workstation user accounts and user
groups. Go to Scenarios for LCquan sample acquisition, scenario A.
• Authorization Manager private groups—A group can be either a preexisting Windows
user group or a private group that you configure within the Foundation Authorization
Manager.
– Networked workstation—A user must be a member of a domain user group before
you can add the user to a private group. If an intended user is not a user on the
domain, the IT professional must create a user account for the user. Go to Scenarios
for LCquan sample acquisition, scenarios B and C.
– Standalone workstation—A user must have a logon account for the workstation
before you can add the user to a private group. You or the IT professional must create
a user account for each intended user. Go to Scenarios for LCquan sample
acquisition, scenario A.
As the laboratory administrator, you must make the following decisions before asking your IT
professional to configure Windows user groups for domain users or before configuring private
groups in the Foundation Authorization Manager:
• Types of user roles, for example, administrator, supervisor, scientist, technician, auditor,
or quality assurance
• Individuals assigned to each user role and their projects
• Permissions for a given user role, such as the authority to create methods and acquire data,
signature authority, or read-only access to workbooks
For example, a laboratory might have standard operating procedures that prohibit technicians
from performing certain operations with the software. But the same laboratory might not
have any restrictions on software operations that the scientists can perform. In this case, you
must create at least two user groups—one for scientists and one for technicians.
IMPORTANT Each Windows user account must be associated with a user ID, a
password, and a full description. These items are required for the system to store the
auditing information in the designated database.