{scrollbar:icons=false}

This chapter describes the process for creating and managing user accounts in caIntegrator. It also discusses the processes for managing ownership and access to studies in caIntegrator.

This chapter includes the following topics.

Overview of Administering caIntegrator User Accounts Using UPT

In caIntegrator, all tasks related to creating and managing user accounts can be performed only by a caIntegrator administrator using the CBIIT User Provisioning Tool (UPT) v. 4.2. The following sections discuss the use of the UPT for performing these tasks. For further information about UPT, see Chapter 3 of the CSM 4.2 Programmer's Guide.

The UPT is a separately installed application which serves as the user management interface for all National Cancer Institute CBIIT Life Sciences Distribution (LSD) applications, including caIntegrator. The UPT application is the central point for all user management functionality within caIntegrator. You can use UPT to add new users and to apply user group assignments to the caIntegrator database directly. The UPT groups can refer to predefined groups such as Study Manager or Study Investigator, which determine what roles the user has.

The following terms are used both in this chapter and in the UPT to define user-related roles:

• User – a person who is accessing caIntegrator. The user has an associated account and user ID.
• User Group – a group of users, typically grouped by organization and role, for example, "Columbia University Study Managers"
• Protection Group – a group of studies given a secure status and typically grouped by organization, for example, "Columbia University Protected Studies".

Workflow for Creating User Access to caIntegrator

The following steps summarize the process for establishing user access to caIntegrator:

1. A potential user requests a user account in caIntegrator. See Registering as a New caIntegrator User.
2. You, as a caIntegrator administrator, check if the User already exists in caIntegrator. If not, create the new user. See Creating a New caIntegrator User.
3. Check if the requestor's User Group already exists in caIntegrator. If not, create a new *User Group. See Creating a New User Group.

4. Check if the Protection Group (for example, "Columbia University Protected Studies"), containing the studies to which this user wants access currently exists. If not, create a new Protection Group. See Creating a New Protection Group.

   If the Protection Group already exists, contact the Organizational Contact person to confirm that it is OK to give this person access to this Protection Group.

5. Give the requestor's User Group access to the Protection Group. See Assigning a User Group to a Protection Group.
6. Add the User to the User Group. See Adding a User to a User Group.

Creating a New caIntegrator User

To create a new User in caIntegrator, follow these steps:

1. Log into UPT as a caIntegrator Admin.
2. Search to see if the user already exists. Click the User menu option.
3. On the User page that opens, click Select an Existing User.
4. Use the form and search for the user. If you define no criteria, UPT returns a list of all caIntegrator users currently in the system. See the following figure for an example.
   
5. If the user does not already exist (is not listed in the search results), then create a new user. To do so, select the User menu option again, then click Create a New User. This opens the page for creating a new caIntegrator user.
6. Enter details only for the following required fields:
   • User Login Name
   • User First Name
   • User Last Name

   • User Password

     If the requestor is an LDAP user, then the User Login Name must match the LDAP login ID AND the User Password field must be left blank. If the requestor is not an LDAP user, then provide a password.

7. Click Add to confirm the new user.

Creating a New User Group

You can assign a user group to a protection group. The advantage of working with a user group is that you do not have to assign roles to each user individually. You can assign users to a user group to which you assign a role, and then assign that user group to the protection group, or you can assign a role collectively to a protection group after it is created.

To create a new user group in caIntegrator, follow these steps:

1. Login to UPT as caIntegrator Admin.
2. First search for an existing group that the user wishes to join. Click the Group menu option.
3. On the Group page that opens, click Select an Existing Group.
4. Use the form and search for the group. If you define no criteria, UPT returns a list of all caIntegrator groups currently in the system
5. If a user group does not already exist, then create a new user group. Click the Group menu option, then click Create a new Group.

6. On the form that opens, enter a unique Group Name and a description, if appropriate. Click Add.

   The recommended naming convention for a new User Group is [insert organization name] Study [insert role]s . Example: "Columbia University Study Managers".

Creating a New Protection Group

If you prefer that a study or group of studies have limited access, you can assign a user or user group to a particular protection group and assign roles which allow the users in the protection group study access. A protection group provides security or limited access for studies listed there.

To create a new protection group in caIntegrator, follow these steps:

1. Login to UPT as caIntegrator Admin.
2. Click the Protection Group menu option.
3. On the page that opens, click Create a New Protection Group. The page opens for defining PG Group details, shown in the following figure.

4. Enter a unique Protection Group Name and Description, if appropriate. Click Add.

   The recommended naming convention is [insert organization name here] Protected Studies . Example: "Columbia University Protected Studies".

Assigning a User Group to a Protection Group

To give a user group access to a protection group (a group of protected studies), follow these steps:

1. Login to UPT as caIntegrator Admin.
2. Find the user group that you want to assign.
3. Click the Group menu option and click Select an Existing Group.
4. In the page that opens, click Search. If you define no criteria, UPT returns a list of all caIntegrator groups currently in the system. An example is shown in the following figure.
   
5. Select the radio button next to the group name you want to assign to the protection group, and click View Details. This opens the Group Details page. An example is shown in the following figure.
   
6. Below the group details, click Associated PG & Roles. The page that opens, shown in the following figure, displays any PG to which the user group is already assigned.
   
7. Below the group name, examine if the protection group of your choice is already listed there. If so, this means your user group is already assigned to the protection group of choice, and you can skip the remainder of the steps in this section. If the Protection Group is not listed there, then click Back.

8. Back on the User Group details page, click Assign PG & Roles. This opens the Group, Protection Group and Rules Association page where you can assign a role to the user. caIntegrator roles are defined in the following table:

   Role Name	Role Definition
   STUDY_MANAGER_ROLE	Assigning this role allows the user to modify existing studies, create new studies, and deploy existing studies.
   STUDY_INVESTIGATOR_ROLE	Assigning this role allows the user to search the study, save queries about the study and perform analyses.
   PLATFORM_MANAGER_ROLE	Assigning this role allows the user to create and delete array platforms for the entire caIntegrator installation. Caution: Array platforms are shared by all users and studies in the caIntegrator installation. A user with this role can affect the platforms that are used by by all users and studies in the caIntegrator installation.

9. If this user group is a group of study managers, then select STUDY_MANAGER_ROLE. If this user group is a group of study investigators, then select STUDY_INVESTIGATOR_ROLE. AFter making your selection, click Assign.

10. Click Update Associationat the bottom of the page. This completes the assigning of the user group to the protection group you chose.

    If a User has the STUDY_MANAGER_ROLE role for more than one Protection Group, then any study that the User creates will be assign to each of those Protection Groups.

Adding a User to a User Group

To add a user to an existing user group, follow these steps:

1. Log into UPT as caIntegrator Admin.
2. Find the user that you want to assign to a user group. Click the User menu option, then click Select an Existing User.
3. Enter the name of the user you are looking for and click Search. If you define no criteria, UPT returns a list of all caIntegrator users currently in the system, as shown in the following figure.
   
4. Select the radio button next to the name and click View Details. The User Details page open, showing brief details about the user you selected.
5. Click the Associated Groups button at the bottom of the page. This opens the page where you can assign a user to a group, as shown in the following figure.
   
6. Select one or more groups that you want the user to be in and click Assign.

7. At the bottom of the page click Update Association. This completes the assigning of the user to the user group. Now the user will have access to any studies to which the user group has been given access.

   You can add a user to more than one user group. For example, a user could be assigned to "Columbia University Study Managers" as well as to "Columbia University Study Investigators".

Changing a User Password

To change a password for a user, follow these steps:

1. Confirm if the user is an LDAP user or not. If the user is an LDAP user, then this person must change their password using the NCI password change utility. Skip the rest of these steps. If the user is not an LDAP user, then continue with the rest of these steps.
2. Log into UPT as caIntegrator Admin.
3. Find the user that you want to change. Click the User menu option, then Select an Existing User.
4. Enter the name of the user you are looking for and click Search. If you define no criteria, UPT returns a list of all caIntegrator users.
5. Select the radio button next to the name and click View Details.
6. In the page that opens, shown in the following figure, replace the User Password and Confirm Password fields with the new password.
   
7. At the bottom of the page click Update.

{scrollbar:icons=false}