A. Page Layout – would only make it mandatory on specific page layouts
B. Validation Rule
C. Roles & Profiles – not applicable
D. Field Level Security – not applicable as this only determines whether fields are visible/read only/hidden
Quick question regarding IP address. A company has an IP range set up and a user’s profile has a specific IP address. If the user moves out of that IP range but is still under the company’s IP address range, will the user be denied access, granted access or will be required to enter a security code ?
-Thanks
I just can’t. Since this is a training environment, I removed all the permission sets associated with Opportunity. Now, when I log as Matt and try to share the Opportunity, I can only share with user Matt. I created a permission set for the role EMEA Sales Rep (Karen’s role) and then I can share the Opp with Karen, but all EMEA Sales rep get the same access. I will try to remove some other stuff and see if works. I tried similar scenario on a Production environment and it worked fine. Really strange because Matt and Karen have the same profile and Matt owns both the Account and the Opportunity, still unable to share either with Karen.
I have 2 users with profile as Sales User. OWD for Opportunity is private. Matt has a role as US Sales Rep and Karen has a role as EMEA Sales Rep. Under Security Control/Sharing Settings/Opportunity sharing rules, I see a Global Sales Rep Group which contains ALL Sales reps (US, EMEA, APAC) sharing ALL Opportunities with ALL Sales Rep as read only. When I login as any user with a profile Sales User, I can see any Opportunities (US, EMEA, APAC) regardless of owner/role.
When I login as Matt, I want to share all his Opportunities with Karen or at least one Opportunity.
I tried a permission set with read/edit access to Opportunities and added Karen, when I log as Karen, I can read but can’t edit Matt’s Opportunities. I logged again as Matt, chose one Opportunity and clicked on Sharing. I can pick Public Groups, Roles, Roles & Subordinates, Users. When I try to chose Users hoping to be able to pick Karen, it shows me only 5 users: One VP of Marketing (role) Excutive User (profile), one APAC Sales Rep (role) Sales User (profile), 2 Marketers (Role) General Marketing User (profile) and one Marketing Director (Role) General Marketing User (profile). All these 5 users were grated read only access thru existing Opportunity Sharing rules. If I chose Roles and pick EMEA Sales Rep with read/edit acces, Karen gets edit access to this Opportunity but ALL other EMEA Sales Reps get the same. How can I give access ONLY to Karen to edit this Opportunity that belongs to Matt? I thought manual sharing was exactly that. Sorry for the long question.
You should be able to share the record directly with Karen – does Karen already have access to the record? If not have you tried specifically searching for her name?
While in the Salesforce video that explains role hierarchy, it shows view/edit access can be controlled through roles as well. But when looking at dev org, there is no option to choose whether we can control view / edit access through roles as well.
Access is granted via the role hierarchy (those in higher roles auto inherit access to records owned by those below) and through sharing rules to grant additional access. You are correct that there is a limited impact to security by configuring the role directly.
If I update the password in Salesforce,will SSO reflect it and the other way around it. If I update the password in SSO will the password be update in SFDC?
I don’t think you have a password at all with sso enabled. Your source system(eg active directory) performs the authentication. The password is not stored in salesforce in that scenario. Not an expert here, but that’s what I’ve seen working with clients that have it enabled (you will get an error in salesforce if you try to reset the password of a user that has an sso enabled profile).
I am not clear about the difference between:
Role Hierarchy and Sharing Records with Manager Groups
If an object has Private setting on OWD, the role hierarchy will allow higher roles in the hierarchy of the record owner to access it. Why would i use “Sharing Records with Manager Groups” than?
Manager groups depend on the Manager lookup field on the user.
E.g.
Bob (reports to) –> Jim
Jim (for whatever reason) is not above Bob in the role hierarchy. The Manager group allows you to declare sharing based on the manager field, rather than the role hierarchy (e.g. direct reports only… versus all those lower in the role hierarchy).
What are External users? what licence to they have to my org. instance?
What is partner (user)?
User sharing for external users
Users with the “Manage External Users” permission have access to external user records for Partner
Relationship Management, Customer Service, and Customer Self-Service portal users, regardless of
sharing rules or organization-wide default settings for User records. The “Manage External Users”
permission does not grant access to guest or Chatter External users.
External users would be customer/partner/community licenses- users in these categories are typically enabled from an existing account/contact record (the resulting user record is linked back to the contact that it was created from).
If you are curious about this I would suggest enabling communities in your org – create a test account/contact and then grant access. DE orgs have community licenses to test with.
Hi john,
It might be a silly question at this stage , but want t know that record access level , sharing rules can only be defined by ADMIN in ur org, ?
—————————————————————————————————————————————————————————————————–
OR
Record owner can also define there sharing rules , to whom they want to share with.
and further in sharing rules and manual sharing ,,,,and hierechy,
another question is …when i have OWD more restricted then public Read/Write…
Hierarchy :
there is a hierarchy and , if i m a subordinate of manager, and as the rule define at Role hierechy my manager can access my roles..so how much manager access allowed for a record at that point( i means is he able to vie,edit,delete,share to others in org.?)
Sharing Rule:
same for sharing rule (how much access to the person have with my record access), can he view,edit,delete,or further can share my record to others?
and same question for manual sharing of my owned record. if i share manually to some user who w/o considering hierarchy…
Manual sharing:
how much access do he have with my record which one shared manually with him?
can he view ,edit, delete, or further share to other user in org.?
at this point , i m really craving for answer related to effect of security model(profile,Sharing settings and again it relate to one of my question on reports and dashboard).
you answers Really helping me gain confidence with my Salesforce learning.
Thank you for putting such an effort to direct learners to the right direction.
Thank you .Thank you .
Tejal.
Tejal.
Sharing rule = defined by admin
Record level sharing = defined by a user that has full access to the record
Role hierarchy grants full access for records owned by users below in the role hierarchy (where grant access via hierarchies is enabled, which is the case for standard objects)
Sharing rule only grants up to read/write (not full access, which grants delete)
Manual sharing also grants up to read/write (read or read/write)
Hi John,
The following video has been removed, a shame, I saved it to watch it later now that I have completed your guide but it is gone 🙁
“I love Permission Sets: A Deep Dive Into Profiles 2.0”
in the Who Sees What: Data Visibility How To Series, the first video “Who sees what: Overview” won’t load. I get an error “Error Code: 200
: NetStream.Play.StreamNotFound”
I have a question regarding email notifications I receive as a system admin when OWD settings are changed in SF. How can this be switched off?
Is this setting only valid when changing OWD or also other config?
Secondly, the abbreviation SFDC is mentioned quite a lot, what does it stand for?
Would appreciate if you could explain or provide a link explaining the difference between team and group in Salesforce. I understand where groups are to be used but no clear understanding on how and when to use teams in sharing.
That is a good question. I think Group is mainly used in Chatter and comprises of folks who share common interest or would like to keep themselves abreast on a particular topic; and Team mainly comprises of a group of people, across various teams/departments, that work on specific project. But, it would be great to get more info. on these for clarification.
Teams are defined for select objects (e.g. accounts, opportunities) and are used to designate which users are involved on the record (e.g. an account team indicates who is involved in managing that accounts) – teams also provide access by sharing the record to the user (so that if you are a member of the account team you can view the record).
Groups are multi-purpose and are generally leveraged for purposes (e.g. within a sharing rule).
I think the answer is A.
B. can only read , edit their own opportunities , but can view every one else
VIEW EVERYONE ELSE? Does not make sense.
Answer A should be correct because it says
Can read,Edit and view their own and every one else opportunities
It specifies EVERY ONE ELSE OPPORTUNITIES.
View ALL permission is on Opportunity Object. So, the User will be able to View Opportunities they own AND ALL OTHER RECORDS ON THE OPPORTUNITY OBJECT that others own.
Correct- but if OWD is set to private, then they would not have read/write to all other opportunity records (view all providing only read access)… its not a very clearly worded question though.
I still think the answer would be B. OWD private means that they would only be able to edit and read their own opportunities, then view all would open up view access to all opportunities.
Not sure it notified as a duplicate, so i just to be on the safer side i am posting only the question ..
1) when the user profile on the opportunity was set to Edit and read , and view all .OWD is set to private ,The user can
a)Can read,Edit and view their own and every one else opportunities
b)can only read , edit their own opportunities , but can view every one else
c)can only Read, view , edit their own opportunities and they can’t view other opportunities
My answer is ‘b’ but the answers seems to be ‘a’ .
I am confused now , can you please help me here???
It depends on where the user is in the role hierarchy. The closest answer is probably c.
If the OWD is private, that means that the user won’t be able to view or edit opportunity in the same role as they are assigned or any roles above that role. They will be able to view and edit (granted access via the role hierarchy) records owned by users in roles below theirs.
hi John,
Yes i agree with you depends on Role hierarchy, but if the role hierarchy was not enabled . And the OWD is private.
But the User profile has ‘View all’ option , that means they can view all other opportunities .
This is unfortunate. Yesterday all but one video was view-able. Today only 3 are available. I was only on like the 3rd one in the series and the were great. Why do they keep making them private then public?
Hello John – I am not able to see all the videos in ” Who Sees What”. It says the videos are Private.
Do I need any specific user credentials to view those videos ? Please help.
I thought I’d posted this yesterday, but now I can’t seem to find it. I apologize in advance if, in fact, it is a duplicate post.
For some reason, I’m having problems with this concept, and I’m taking my cert exam next week so I’m more than a little nervous :-).
If someone has limited or no access at the profile level to an object and – therefore – to records they own, can the OWDs/Role Hierarchy/Sharing Rules/Etc. give them more access to objects and records that they don’t own?
My instinct would be to say that if you can’t see/edit/etc. your own records at the profile level you can’t see/edit/etc. someone else’s records.
Correct – you are granted the lowest combination of all of the permissions.
E.g. in order to edit a record, you need edit at the object level and edit access to the record. So if your profile is read only on the account object, you will never be allowed to edit account records.
I’m finding that the user interface screens in the video do not match what I’m currently seeing in the developer or my Enterprise edition. It’s making it a bit more difficult to follow along and find these fields. For instance, there are drop down arrows in the profile settings, but links instead.
Instructions within this guide make the assumption that the Improved Setup User Interface is disabled.
I suggest you double-check your org settings by navigating to Setup –> Customize –> User Interface; ensure “Enable Improved Setup User Interface” is not checked.
If you enable this feature, step-by-step instructions within scenarios and exercises will not line up correctly (as the setup navigation menus will be different).
Hi John,
In the section “Describe the capabilities of the Salesforce App Launcher”, the link is damaged:
[sc:youtubelink id=1_cTGhxPJHQ text=”Setting up the App Launcher”]
BTW, thanks for creating this site…I’m working my way through…
The relationship between accounts, opportunities, and cases is unique and configured in this fashion. Other objects are not influenced by their relationship to accounts in this fashion.
What is your best practice regarding the organization-wide defaults? E.g. do you change these settings as soon as you start a new instance? Or do you keep these settings default?
Generally you want to figure out what security settings will apply to the whole organization and then implement them after that is fully understood. If you need a private sharing model, it is generally best to implement sharing rules first – so that when you turn off org-wide access to the object the users will already have rules in place to grant access where needed.
hi john
is it possible for a user to own a record but not be able to see it?
hi john,l
Which of the following is the best way to make the Field Mandatory for everyone?
A. Page Layout
B. Validation Rule
C. Roles & Profiles
D. Field Level Security
i think it’s B ..
A. Page Layout – would only make it mandatory on specific page layouts
B. Validation Rule
C. Roles & Profiles – not applicable
D. Field Level Security – not applicable as this only determines whether fields are visible/read only/hidden
Quick question regarding IP address. A company has an IP range set up and a user’s profile has a specific IP address. If the user moves out of that IP range but is still under the company’s IP address range, will the user be denied access, granted access or will be required to enter a security code ?
-Thanks
There are two types of IP ranges:
trusted and login ranges
if they login outside of trusted, then they need to activate
if they login outside of login ip ranges, then login will be denied
login ip ranges (restrictions) will override trusted ranges
This link appears to be empty. Winter ’12: Efficient, Manageable Security Policies with Permission Sets
Try: https://developer.salesforce.com/blogs/developer-relations/2011/10/winter-12-efficient-manageable-security-policies-with-permission-sets.html
Existing link appears to still work
I just can’t. Since this is a training environment, I removed all the permission sets associated with Opportunity. Now, when I log as Matt and try to share the Opportunity, I can only share with user Matt. I created a permission set for the role EMEA Sales Rep (Karen’s role) and then I can share the Opp with Karen, but all EMEA Sales rep get the same access. I will try to remove some other stuff and see if works. I tried similar scenario on a Production environment and it worked fine. Really strange because Matt and Karen have the same profile and Matt owns both the Account and the Opportunity, still unable to share either with Karen.
I have 2 users with profile as Sales User. OWD for Opportunity is private. Matt has a role as US Sales Rep and Karen has a role as EMEA Sales Rep. Under Security Control/Sharing Settings/Opportunity sharing rules, I see a Global Sales Rep Group which contains ALL Sales reps (US, EMEA, APAC) sharing ALL Opportunities with ALL Sales Rep as read only. When I login as any user with a profile Sales User, I can see any Opportunities (US, EMEA, APAC) regardless of owner/role.
When I login as Matt, I want to share all his Opportunities with Karen or at least one Opportunity.
I tried a permission set with read/edit access to Opportunities and added Karen, when I log as Karen, I can read but can’t edit Matt’s Opportunities. I logged again as Matt, chose one Opportunity and clicked on Sharing. I can pick Public Groups, Roles, Roles & Subordinates, Users. When I try to chose Users hoping to be able to pick Karen, it shows me only 5 users: One VP of Marketing (role) Excutive User (profile), one APAC Sales Rep (role) Sales User (profile), 2 Marketers (Role) General Marketing User (profile) and one Marketing Director (Role) General Marketing User (profile). All these 5 users were grated read only access thru existing Opportunity Sharing rules. If I chose Roles and pick EMEA Sales Rep with read/edit acces, Karen gets edit access to this Opportunity but ALL other EMEA Sales Reps get the same. How can I give access ONLY to Karen to edit this Opportunity that belongs to Matt? I thought manual sharing was exactly that. Sorry for the long question.
You should be able to share the record directly with Karen – does Karen already have access to the record? If not have you tried specifically searching for her name?
Hey John,
I have troubles understanding something.
While in the Salesforce video that explains role hierarchy, it shows view/edit access can be controlled through roles as well. But when looking at dev org, there is no option to choose whether we can control view / edit access through roles as well.
Access is granted via the role hierarchy (those in higher roles auto inherit access to records owned by those below) and through sharing rules to grant additional access. You are correct that there is a limited impact to security by configuring the role directly.
If I update the password in Salesforce,will SSO reflect it and the other way around it. If I update the password in SSO will the password be update in SFDC?
John, any thoughts?
I don’t think you have a password at all with sso enabled. Your source system(eg active directory) performs the authentication. The password is not stored in salesforce in that scenario. Not an expert here, but that’s what I’ve seen working with clients that have it enabled (you will get an error in salesforce if you try to reset the password of a user that has an sso enabled profile).
Hi john,
Finally stated working with my first ever free app i got from here “The Permissioner” and its awesome.
Thank you again.
Tejal.
Hi John,
I am not clear about the difference between:
Role Hierarchy and Sharing Records with Manager Groups
If an object has Private setting on OWD, the role hierarchy will allow higher roles in the hierarchy of the record owner to access it. Why would i use “Sharing Records with Manager Groups” than?
Thank you,
Gil
Manager groups depend on the Manager lookup field on the user.
E.g.
Bob (reports to) –> Jim
Jim (for whatever reason) is not above Bob in the role hierarchy. The Manager group allows you to declare sharing based on the manager field, rather than the role hierarchy (e.g. direct reports only… versus all those lower in the role hierarchy).
Hi John,
What are External users? what licence to they have to my org. instance?
What is partner (user)?
User sharing for external users
Users with the “Manage External Users” permission have access to external user records for Partner
Relationship Management, Customer Service, and Customer Self-Service portal users, regardless of
sharing rules or organization-wide default settings for User records. The “Manage External Users”
permission does not grant access to guest or Chatter External users.
Regards,
Gil
External users would be customer/partner/community licenses- users in these categories are typically enabled from an existing account/contact record (the resulting user record is linked back to the contact that it was created from).
If you are curious about this I would suggest enabling communities in your org – create a test account/contact and then grant access. DE orgs have community licenses to test with.
Hi john,
It might be a silly question at this stage , but want t know that record access level , sharing rules can only be defined by ADMIN in ur org, ?
—————————————————————————————————————————————————————————————————–
OR
Record owner can also define there sharing rules , to whom they want to share with.
and further in sharing rules and manual sharing ,,,,and hierechy,
another question is …when i have OWD more restricted then public Read/Write…
Hierarchy :
there is a hierarchy and , if i m a subordinate of manager, and as the rule define at Role hierechy my manager can access my roles..so how much manager access allowed for a record at that point( i means is he able to vie,edit,delete,share to others in org.?)
Sharing Rule:
same for sharing rule (how much access to the person have with my record access), can he view,edit,delete,or further can share my record to others?
and same question for manual sharing of my owned record. if i share manually to some user who w/o considering hierarchy…
Manual sharing:
how much access do he have with my record which one shared manually with him?
can he view ,edit, delete, or further share to other user in org.?
at this point , i m really craving for answer related to effect of security model(profile,Sharing settings and again it relate to one of my question on reports and dashboard).
you answers Really helping me gain confidence with my Salesforce learning.
Thank you for putting such an effort to direct learners to the right direction.
Thank you .Thank you .
Tejal.
Tejal.
Sharing rule = defined by admin
Record level sharing = defined by a user that has full access to the record
Role hierarchy grants full access for records owned by users below in the role hierarchy (where grant access via hierarchies is enabled, which is the case for standard objects)
Sharing rule only grants up to read/write (not full access, which grants delete)
Manual sharing also grants up to read/write (read or read/write)
Cheers,
John
Thank you john,
this will help .
Tejal.
Hi John,
The following video has been removed, a shame, I saved it to watch it later now that I have completed your guide but it is gone 🙁
“I love Permission Sets: A Deep Dive Into Profiles 2.0”
Yeah it doesn’t look like it has been replaced by Salesforce either, but is available here: http://fr.podcastmanager.fr/episode-47-i.love.permission.sets.a.deep.dive.into.profiles.2.0-podcast-137301.html
in the Who Sees What: Data Visibility How To Series, the first video “Who sees what: Overview” won’t load. I get an error “Error Code: 200
: NetStream.Play.StreamNotFound”
Works for me. I have a pc using chrome
I would also suggest using Chrome. You may need flash installed as well?
Hi John,
I have a question regarding email notifications I receive as a system admin when OWD settings are changed in SF. How can this be switched off?
Is this setting only valid when changing OWD or also other config?
Secondly, the abbreviation SFDC is mentioned quite a lot, what does it stand for?
Thanks,
Soraya.
Soraya,
SFDC stands for Salesforce Dot (.) Com. Sometimes people just say SF instead.
Hope this helps. (I don’t have the answer to your other question at the moment. Hopefully someone else does.)
Rena
Thanks Rena!
I don’t know of a way to turn off the system emails – Thanks Rena
Hey John can you please help me to understand this question.
Accounts teams are used for the following reasons: (Select all that apply)
a. Share roles with the sales team
b. Are used for collaborative account management
c. Are used for sharing and reporting purposes
d. Are used for splitting of account credit if needed
what his mean by “Accounts teams”
its answer is a,b,c but I’m missing something here.
Hello Bilal:
I am not sure about the answer, I think A,B,C look correct. But, in the attached link, you can learn more about Account Team. Hope this helps.
https://help.salesforce.com/HTViewHelpDoc?id=accountteam_def.htm&language=en_US
Hello John,
Thank you for this excellent Website.
Would appreciate if you could explain or provide a link explaining the difference between team and group in Salesforce. I understand where groups are to be used but no clear understanding on how and when to use teams in sharing.
Thank You
That is a good question. I think Group is mainly used in Chatter and comprises of folks who share common interest or would like to keep themselves abreast on a particular topic; and Team mainly comprises of a group of people, across various teams/departments, that work on specific project. But, it would be great to get more info. on these for clarification.
Hello Sps:
Here is a link that helps clarify the concepts
https://success.salesforce.com/answers?id=90630000000DEbTAAW
Nice link 🙂
Teams are defined for select objects (e.g. accounts, opportunities) and are used to designate which users are involved on the record (e.g. an account team indicates who is involved in managing that accounts) – teams also provide access by sharing the record to the user (so that if you are a member of the account team you can view the record).
Groups are multi-purpose and are generally leveraged for purposes (e.g. within a sharing rule).
John:
I think the answer is A.
B. can only read , edit their own opportunities , but can view every one else
VIEW EVERYONE ELSE? Does not make sense.
Answer A should be correct because it says
Can read,Edit and view their own and every one else opportunities
It specifies EVERY ONE ELSE OPPORTUNITIES.
View ALL permission is on Opportunity Object. So, the User will be able to View Opportunities they own AND ALL OTHER RECORDS ON THE OPPORTUNITY OBJECT that others own.
Pl. correct me if I am wrong.
Correct- but if OWD is set to private, then they would not have read/write to all other opportunity records (view all providing only read access)… its not a very clearly worded question though.
If so, then, you may want to change your answer to A
JohnCoppedge September 3, 2015 at 1:32 pm #
Oh I didn’t see ‘view all’ my mistake – the answer would be b then
I still think the answer would be B. OWD private means that they would only be able to edit and read their own opportunities, then view all would open up view access to all opportunities.
Not sure it notified as a duplicate, so i just to be on the safer side i am posting only the question ..
1) when the user profile on the opportunity was set to Edit and read , and view all .OWD is set to private ,The user can
a)Can read,Edit and view their own and every one else opportunities
b)can only read , edit their own opportunities , but can view every one else
c)can only Read, view , edit their own opportunities and they can’t view other opportunities
My answer is ‘b’ but the answers seems to be ‘a’ .
I am confused now , can you please help me here???
hi can some one help me on the questions please?
It depends on where the user is in the role hierarchy. The closest answer is probably c.
If the OWD is private, that means that the user won’t be able to view or edit opportunity in the same role as they are assigned or any roles above that role. They will be able to view and edit (granted access via the role hierarchy) records owned by users in roles below theirs.
hi John,
Yes i agree with you depends on Role hierarchy, but if the role hierarchy was not enabled . And the OWD is private.
But the User profile has ‘View all’ option , that means they can view all other opportunities .
am i missing some thing here ?
Oh I didn’t see ‘view all’ my mistake – the answer would be b then
I am unable to see the videos, they seem to be private. Is there any other source which can help me view these?
Just figured out…You can watch the videos on http://salesforce.vidyard.com/watch/v66PY49hTxxQiZe1h4RX1A
Awesome, thanks! I will get the links updated shortly.
http://salesforce.vidyard.com/watch/v66PY49hTxxQiZe1h4RX1A
Thank you!
Here’s a link to the Salesforce YouTube Channel playlist of 10 videos for Who See What. The VidYard appears to only have 6 videos.
https://www.youtube.com/playlist?list=PL6747B4DAE356E17C
Nice catch Matthew- updated
Sweet! Thank you!!
This is unfortunate. Yesterday all but one video was view-able. Today only 3 are available. I was only on like the 3rd one in the series and the were great. Why do they keep making them private then public?
This resources provides a visual perspective on Salesforce Security:
https://chendamok.files.wordpress.com/2014/11/salesforce-security-sharing-model-layer-of-visibility-new-page2.png
Wow… Just loved it. Thanks for letting me know John.
HI John,
Who Sees What: Data Visibility How To’s — these videos are made private in you tube. can not access all of them. only 3 videos are made available.
They appear to be back online…
Thanks Patrick.
Only 3 are available.
All but three of the videos in the “Who Sees What: Data Visibility How To’s” youtube playlist are now private.
Hello John – I am not able to see all the videos in ” Who Sees What”. It says the videos are Private.
Do I need any specific user credentials to view those videos ? Please help.
I thought I’d posted this yesterday, but now I can’t seem to find it. I apologize in advance if, in fact, it is a duplicate post.
For some reason, I’m having problems with this concept, and I’m taking my cert exam next week so I’m more than a little nervous :-).
If someone has limited or no access at the profile level to an object and – therefore – to records they own, can the OWDs/Role Hierarchy/Sharing Rules/Etc. give them more access to objects and records that they don’t own?
My instinct would be to say that if you can’t see/edit/etc. your own records at the profile level you can’t see/edit/etc. someone else’s records.
I don’t think I clicked on “Notify me…”
Correct – you are granted the lowest combination of all of the permissions.
E.g. in order to edit a record, you need edit at the object level and edit access to the record. So if your profile is read only on the account object, you will never be allowed to edit account records.
Needs editing:
Each user is assigned a one profile
…should read
Each user is assigned a one profile
Also, a space needs to be between “user(page” in the same paragraph.
Thanks, updated
I’m finding that the user interface screens in the video do not match what I’m currently seeing in the developer or my Enterprise edition. It’s making it a bit more difficult to follow along and find these fields. For instance, there are drop down arrows in the profile settings, but links instead.
Any idea when SFDC will be updating these fields?
You should be able to turn off the new UI:
Instructions within this guide make the assumption that the Improved Setup User Interface is disabled.
I suggest you double-check your org settings by navigating to Setup –> Customize –> User Interface; ensure “Enable Improved Setup User Interface” is not checked.
If you enable this feature, step-by-step instructions within scenarios and exercises will not line up correctly (as the setup navigation menus will be different).
Hi John,
In the section “Describe the capabilities of the Salesforce App Launcher”, the link is damaged:
[sc:youtubelink id=1_cTGhxPJHQ text=”Setting up the App Launcher”]
BTW, thanks for creating this site…I’m working my way through…
Thanks, updated
The repeated links for object access still needs to be updated to: https://www.youtube.com/embed/9hxRSxWRmAc
I found a typo – I think you meant to say “comprised” -> “A group is compromised of users, roles, and other groups.”
Thanks, updated
It looks like a number of these have changed. Here’s the new list of these revised videos –
https://www.youtube.com/playlist?list=PL6747B4DAE356E17C&src_vid=5KLTcu02nfY&feature=iv&annotation_id=annotation_3297769117
updated, thanks!
John,
The Who Sees What Organization-wide Defaults video has been updated – here’s the new link – https://www.youtube.com/watch?v=8rzn-DtG8nc&src_vid=u9PHTLwtomo&feature=iv&annotation_id=annotation_2699026523
Thanks so much for this training series!
Why is it showing only opportunity access and case access options while defining role?
The relationship between accounts, opportunities, and cases is unique and configured in this fashion. Other objects are not influenced by their relationship to accounts in this fashion.
I recently took the exam and was asked the question.
Whats is the Salesforce default OWD for accounts?
Could be worth researching all the OWD defaults for the exam.
Public Read / Write
https://help.salesforce.com/apex/HTViewHelpDoc?id=security_sharing_owd_default_settings.htm&language=en_US
Great notes – thanks James/Ravi
Should note – is already listed in the contents above
What is your best practice regarding the organization-wide defaults? E.g. do you change these settings as soon as you start a new instance? Or do you keep these settings default?
Generally you want to figure out what security settings will apply to the whole organization and then implement them after that is fully understood. If you need a private sharing model, it is generally best to implement sharing rules first – so that when you turn off org-wide access to the object the users will already have rules in place to grant access where needed.
In the “List and describe the standard profiles” section, you have “Solution Manager” listed twice.
Thank you Rennie, I’ve updated this