Category: security control

Field Level Security Salesforce – Salesforce Admin Tutorials

Field Level Security Salesforce – Field Level Security Overview.

Field level security in Salesforce is configured for a user’s profile. Using Field Level Security administrator can controls whether a user can see, edit, and delete the value for a particular field on an object. Field level Security in Salesforce are very helpful to assign page layouts to users with out creating new page layout. Page layouts in Salesforce are intended to organize fields, buttons, related list and other data. Using page layouts we can make required field for some profiles and read-only to some profiles using  field level security in SFDC.

Example:-  For Administrative Assistant profile, if we want to remove access to payroll and social security information for obvious reasons. A common mistake we make when restricting access is we simply remove a field from a user’s page layout. This method only controls the visibility of the field on detail and edit pages for the object. To be absolutely certain that a user does not have access to a specific field, we must lock down the field with field-level security. This Field-Level Security in Salesforce removes all access to the field for the API, related lists, list views, reports and other parts of plat. 

To administer Field-Level Security follow the steps given below.

  • Go to Setup=>Administer=>Security Controls=>Field Accessibility.

Field Level Security Salesforce - Salesforce Admin Tutorials

  • Now a list of Object in organization will be displayed. Select the object whose field is to be modified.

Field Level Security Salesforce - Salesforce Admin Tutorials

As shown above we selected Demo Object.

  • Now choose your view. If we select View by field we can access field level security for only one field. If we select View by Profile we can access field level security for multiple fields.

Field Level Security Salesforce - Salesforce Admin Tutorials

  • Now select the field from the drop down and from field accessibility for field click on on the link to edit field access.
    Field Level Security Salesforce - Salesforce Admin Tutorials
  • Now we have two choices for field access to the field date i.e., Visible and Read Only
    Field Level Security4
  • Select Visible to make the field readable and Editable.
  • Select Read Only field to make the field visible but not editable.
  • Finally click on Save button.

To check the field level Security for the object demo Object go to profiles and click on Contract manager profile. Now go to Custom object field-level Security and click on the object.

Field Level Security in Salesforce

Salesforce login History | Download Salesforce Login History

Salesforce login History

Salesforce login history: – In this salesforce tutorial we are going to learn about how to get salesforce login history, how to download salesforce user login history in CSV format. In our previous Salesforce Administration Tutorial we have learned about different email settings in Salesforce.com.

Every we login in to our salesforce.com account, each time we login in to our salesforce.com login time, IP source , Login types, status, application like browser used to login, Login URL details will be recorded  in salesforce.com

If we use login.salesforce.com to enter in to salesforce.com then that specific URL will be recorded. Every instance that we make in salesforce.com interface is recorded ad can be viewed. We get every details about previous salesforce login history details, salesforce fail login history due to wrong password, password changed history, browser used, login type details will be recorded. If we failed to salesforce login due to invalid password then the status of the salesforce login history will be recorded with Invalid password. Which type of browser is used for salesforce login will be recorded. Login types will be different like application, Remote access Client, Apex API and so on.

 Download your Salesforce login History now.

Go to your name=> My settings.

Download Sfdc Login History

Now go to personal=>Login History. 

login history

Click on Login History tab as shown above. Now we are redirected to new page Salesforce Login History page. In salesforce login history page we can find last login date and our last password change date.

Download Salesforce Login History

To download your salesforce login history click on download login history for last six months, including logins form outside the website  link as shown above in Microsoft excel format.

Read more for salesforce tutorials and administrator interview questions and answers that explains step by step.

Changing Salesforce Login Password

Changing Salesforce Login Password :- In our Previous Salesforce administration Tutorial we have learned about How to edit our email settings in Salesforce.com. In this Salesforce tutorial we are going to learn about How to change our salesforce login password.

Changing Salesforce Login Password

In salesforce.com we can change our salesforce login passwords periodically for better protection. As per salesforce.com password policies we can set number of days to expire user password, Minimum password length, password complexity level, lock out time period.

salesforce login password policies

Salesforce login passwords will expire as per salesforce.com password policies. We can configure user password expire time to different days example 30 days, 60 days, 90 days, 180 days, one year and  Never expire. When the expire date reaches salesforce.com prompts us message automatically to change new password.

Here we have another case where we want to change salesforce.com login password when we lost our password or when we forget our salesforcelogin password. To change salesforce login password follow the steps given below.

Changing Salesforce Login Password

Go to your name=> My settings.

Changing Salesforce Login Password

Click on my settings and Go to Personal Tab.

Changing Salesforce Login Password

Now go to Advanced User Details  as shown below.

Changing Salesforce Login Password

When we click on Advanced User Details we are redirected to new salesforce page  as shown below.

Now click on Change Password link as shown below.

Changing Salesforce Login Password

Click on Change Password.

Changing Salesforce Login PasswordTo change password enter all the details shown above.

  • Enter your old password.
  • Now enter your new password and again enter new password ti verify.
  • Select Any question from picklist.
  • Enter your answer.
  • Finally click on Save button to change your salesforce login password.

Organization Wide Default in salesforce, OWD settings in sfdc

Organization Wide Default in salesforce:  In this Crm Salesforce Training Tutorial we are going to learn about organization-wide default settings in salesforce, OWD access level actions, What is meant by Organization-wide defaults. In this training we are able to learn clearly about OWD(organization-wide default ). Through organization-wide default settings we define the access level for all users to a Record in an Organization.

Record Ownership : The User or Queue who controls and have the right to access  a record.

Generally there are two types of Owners. They are

  1. Users.
  2. Queues.

Record Owner Privileges.

  • View and Edit.
  • Transfer.
  • Changing Ownership for a record.
  • Deletion of a record.

When we are making record level security we have to make Object permissions enabled. This is the important thing we have to make and now we assume we Object permissions are enabled.

Record Level Security or Record Accessibility can be done by

  • Organization wide Defaults.
  • Sharing Settings.
  • Role Hierarchy.

Organization wide Defaults in salesforce.

  • Organization wide Defaults define the baseline level of access to data records for all users in an Organization.
  • Organization wide Defaults are used to restrict access to data(Records).
  • Organization wide Defaults(OWD) can be defined for Standard Objects and Custom Objects.

Organization-wide Defaults Access level actions.

  1. Public Full access.
  2. Read/Write/Transfer.
  3. Read/Write.
  4. Public Read Only.
  5. Private.

Public Full access.

Public full action option is available for setting the Campaign Object only. Through public access the user can have the ability to search records, Reports and records, add related records, edit details of the record, can delete the record.

Access levels for the campaign OWD’s can be set to private, Public Read only, Public Read/Write and Public Full Access. When campaign object is set to public full access, all users in that organization can be able to view, edit, transfer and delete.

Read/Write/Transfer

Read/Write/Transfer option is only available for Leads and Cases. Here we can set to Private, Public Rad only, Public Read/Write and public/Read/Write/Transfer for case and lead objects. When case and lead objects are set to public/Read/Write/Transfer all users can view, edit, transfer and report on all cases and lead records.

Public Read/Write.

When ever a record is set to Public Read/Write the user can view, edit and report on all record.

Public Read Only.

When ever a record is set to public Read only the user can search the records, view and report on every record but the user can not edit that record. Record owners and users can edit that records.

Private.

When ever a record is set to private only that record owner and users above that roles in an hierarchy can view, edit and report on those records.

No Access, View only, Use.

This No Access, View only, Use options is available only for Price books only. We can set access level for price book OWD settings to either No Access, view only or use.

  •  Use is default access level for price Book and allows the users to access the price book information and can use that price book information in opportunities with products
  • View Only allows the users to access the price book information and but not to use that price book information in opportunities with products.
  • No Access restricts the users to access price book information and prices.

How to make organization-wide default settings in salesforce.

  1. Go to Setup.
  2. Security Controls.
  3. Sharing Settings.
  4. Organization wide defaults.
  5. Edit.

Organization Wide Default in salesforce

Grant Access using Hierarchies.

Salesforce uses role hierarchy to automatically to grant access to users by default. We can not edit Grant Access using Hierarchies for standard objects and can edit Grant Access using Hierarchies check box for Standard objects. If Grant Access using Hierarchies check box for custom objects is not checked, only the record owner and users which are granted by Organization-wide default settings will be to access those records.

How to enable Salesforce Customer portal – crmsalesforcetraining.com

Enabling salesforce customer portal is the primary steps when dealing with customer portal in salesforce. Enabling customer portal in salesforce is the way of sharing information with our customers, communities etc.

Why should we enable salesforce customer portal ?

By enabling customer portal in salesforce only we can share information with customers. With out enabling customer portal in salesforce we can’t satisfy customers needs. All the necessary customisations, settings, features will be available only after enabling customer portal in salesforce.

How to enable salesforce customer portal ?

Enabling salesforce customer portal in necessary. Salesforce users must know how to enable salesforce customer portal. Follow the steps given below to enable salesforce customer portal.

  • Go to setup=>Customize=>Customer portal=>Settings.

salesforce customer portal

  • Now click on settings to activate.

enable salesforce customer portal

  • Now click on Edit button to edit. After editing click on enable salesforce customer portal as shown above.
  • Click on Save Button.
  • Now a new window will be opened. Click on Continue button for next steps.

We have successfully enabled customer portal in salesforce. In the process of enabling salesforce customer portal we have to select some sharing rules, Folder and finally confirmation of all settings.

Step 1 : Selecting Sharing Rules.

We have to select sharing rules that are to be converted.

enable salesforce customer portal

Step 2 : Selecting folders.

enable salesforce customer portal

Step 3 : Confirm

enable salesforce customer portal

  • Finally click on Save button.

After enabling customer portal in Salesforce we can not disable it. If we want to disable salesforce customer portal we have to prevent user from logging into customer portal.

Configuring Field Level Security for Key Company Goals

Configuring Field Level Security for Key Company Goals

In our previous Salesforce tutorials we have learned about Tracking history for collaborator goals in salesforce.com. In this Salesforce Training Tutorial we are going to learn abou Configuring Field level security for key company goals in salesforce.com.

In Salesforce, key company goals are used to dispaly the company wide goals to every user in an organization. Comapny goals are the part of work.com  so we are giving field level access to work.com administrator and othr other users for creating key company goals.

Configuring Field Level Security for Key Company Goals.

To configure key company goals in salesforce.com follow the steps given below.

Go to Setup=>Customize=>Work.com=>Goals=>Fields.

key company goals

Click on Fields to configure security settings as shown above.

Now we are taken to new page called Goal Standard Fields. Go to Is key Comapany Goal field and click on it.Configuring Field Level Security for Key Company Goals

Now click on Set Field-Level Security button as shown below.

key company goals1

Now we have to select visibility check box and make sure we should not select Read only check box. Select Field levle security visibility check box. When we select Read only check box for profiles we are not able to create key company goals in Salesforce.comkey company goals2
 Finally click on Save button to save all settings.

Salesforce License Types |3 Salesforce License Types

Salesforce License Types :- In our previous Salesforce tutorial we have learned about List of all salesforce Licences. In this Salesforce Training tutorial we are going to learn about three different Salesforce license types like User Salesforce License Types, Feature  license types and Permission Set  License types.

Salesforce licenses Types – List of all licenses in Salesforce.com

Developer Edition Organisation provide full access to Force.com platform features, as well as licenses for other salesforce.com products that allow you to play around and discover new functionality. A number of salesforce licenses are provided including.

  • 2 Salesforce licenses.
  • 3 Salesforce Platform licenses.
  • 2 Salesforce CRM licenses.
  • 2 Salesforce Mobile licenses.
  • 5 Salesforce Partner licenses.
  • 10 Customer Portal Manager licenses.

Salesforce License Types

Salesforce

This is the most commonly purchased license and entitles users to full access to all standard CRM functionality, standard applications, custom applications and AppExchange apps.

Salesforce Platform.

salesforce platform  license is for users who need to access custom or AppExchange apps but not standard CRM functionality. These users have access to core platform functionality such as accounts, contacts, custom tabs, reports, dashboards and documents but are restricted in other ways. They do not have access to opportunities or forecasts and are not entitled to some user permissions and standard apps.

  • Salesforce Platform Light

Salesforce Platform Light license is for users who need to access custom or AppExchange apps but not standard CRM functionality. It essentially provides the same access rights as the Salesforce Platform license however the amount of times the user can log in is limited monthly. Salesforce Platform Light users cannot edit or create new dashboards and can only view them if the dashboard’s Running User also has a salesforce.com Platform Light license.

  • Force.com – One App

Force.com Salesforce license is for users who need access to a single custom application but not standard CRM functionality. These users have the same rights as Salesforce Platform users (plus unlimited number of custom tabs) but are limited to a single custom application consisting of up to 10 custom objects and have only read-only access to accounts and contacts.

  • Force.com – Free

Force.com Free Salesforce license is for users who need access to a single custom application but not standard CRM functionality. Essentially the same rights as Force.com – One App users but they do not have access to accounts and contacts.

  • Knowledge Only User

Knowledge only user license is for users who only need access to Salesforce Knowledge and allows them to access the following tabs: Articles, Article Management, Home, Reports, and custom tabs. The license also includes a profile that grants access to the Articles tab via the “View Articles” user permission. A user’s profile must also include the “Manage Articles” permission to view and use the Article Management tab.

  • Content Only User

Content Only User license is for users who only need access to Salesforce CRM Content and allows them to access the following tabs: Workspaces, Content, Subscriptions, Ideas and Home.

  • Ideas and Answers Internal User

Ideas and Answers Internal User license is for internal salesforce.com users who only require access to the Answers and Ideas features. The license allows users to access the Home tab, Answers tab, Ideas tab and up to three other custom tabs.

  • Guest User

This is essentially a license for a Force.com Site which allows you to create one active Force.com Site for each Guest User license in your Org. Site visitors have access to any information made available in an active public site but can be restricted by object and read/write privileges. Your edition determines the number of Guest User licenses and you cannot purchase additional licenses.

  • Customer Portal Manager Standard

This license is for Contacts that access your customer support information by logging into your Customer Portal. These users can view and edit data owned by them or users below them in the Customer Portal role hierarchy. They also have the ability to view and edit cases in which they are involved access custom objects based upon their profile and receive the Portal Super User permission.

  • Customer Portal Manager Custom

An extension of the Custom Portal Manager Standard license, this license also allows the user to run reports based their profile settings plus receive the “Delegated Portal User Administrator” permission.
Partner portal users can also have the following two user licenses entitling them to additional features.

  • Silver Partner – This license entitles the user to access Salesforce CRM Content (based up feature license and profile), 2 MB of data storage and access to the documents tab, approvals and My Account Profile.
  • Gold Partner – This license entitles the user to access Salesforce CRM Content (based up feature license and profile), 5 MB of data storage and access to accounts, leads, opportunities, cases, custom objects, documents tab, approvals and My Account Profile.

High Volume Customer Portal User.

This license is designed for contacts who need access to customer support information in your Org. These users don’t have roles, don’t appear in the role hierarchy and can only access specific records based upon specific criteria. These users can access accounts, assets, cases, contacts, custom objects, documents, ideas, and questions depending on their profile settings.

  • Chatter Only

Salesforce.com recently announced a Chatter license for users who typically do not access Salesforce CRM but need to collaborate with other users via Chatter. The license is $15/user/month and allows the user to access profiles, status updates, people directories, real-time feeds, file sharing/content, groups, ideas, contacts, accounts, dashboards, reports, 1 custom app and up to 10 custom objects.Be careful when purchasing salesforce.com licenses on a budget. You may be tempted to save money by choosing a “cheaper” license but down the road you may discover that your users do not have access to required features.

To check how many number of licenses that you have used in salesforce.com. Go to Setup=>Administer=>Company Profile=>Company Information.

  1. User Salesforce License Types.

    • Standard User Licenses
      • Salesforce.
      • Knowledge only.
      • Identity.
      • External Identity.
      • Work only User.
      • Force.com-One App.
      • Foce.com App Subscription.
      • Employee community user.
    • Chatter User Licenses.
      • Chatter External.
      • Chatter Free.
      • Chatter Only.
    • Communities User Licenses.
    • Service Cloud portal User Licenses.
    • Sites and Site.com User Licenses.
    • Authenticated Website User Licenses.
    • Customer Portal User Licenses.
    • Customer Portal Enterprise Administration User Licenses.
    • Partner Portal USer Licenses.
    • Authenticated Website User Licenses.Salesforce License Types
  2. Feature Salesforce License Type.Feature Salesforce Licenses Types.

  3. Permission Set Salesforce License Type.Permission Set Salesforce License Type.

Salesforce Licences | Salesforce License Types

Salesforce Licences :- In our previous Salesforce Training Tutorial we have learned about different fields available in company information. In this Salesforce Tutorial we are going to learn about Different Salesforce licences types and list of Salesforce Licences.

What are Salesforce Licences ?

Generally  we know that ” A licence will grant (or) provide some special permissions for the user to access features of a product “. Like wise Salesforce.com provides some set of licenes in different types that to be used by salesforce.com user.

Salesforce Licences | Salesforce License Types

Salesforce Licences | Salesforce License Types

Different Salesforce Licences.

Salesforce licences can be divided into three Salesforce licenses types. They are

  • User Licences.
  • Feature Licences.
  • Permission Set Licences.

User Salesforce Licences.

Salesforce User Licence is one of the Salesforce licence type which can be used to access different salesforce baseline features. Again Salesforce user licences can be divided into 10 Salesforce licences types. They are

  • Standard User Licences.
  • Chatter User Licences.
  • Communities User Licences.
  • Service Cloud portal User Licences.
  • Sites and Site.com User Licences.
  • Authenticated Website User Licences.
  • Customer Portal User Licences.
  • Customer Portal Enterprise Administration User Licences.
  • Partner Portal USer Licences.
  • Authenticated Website User Licences.

Feature Salesforce Licences.

In Salesforce.com, Feature Licence provides some additional features to salesforce.com user. We can assign any number of licences to a user in  salesforce.com. Feature licences provides some additional features like marketing, work.com etc.

Permission Set Salesforce Licences.

In Salesforce.com, permission Set licences are available depending up on the edition that we use. Through permission set licences we assign different permissions through permission set. Some of the action that can be done using permission set licences are.

  1. We can check for number of permission set licences available in salesforce.com.
  2. We can assign this Salesforce licence to a user.
  3. We can also remove this type of salesforce licence to a user.

Creating New Salesforce Calendar Sharing

Creating New Salesforce Calendar Sharing :- In our previous Salesforce administration tutorial we have learned about Changing Salesforce login password and how to reset salesforce login password. In this Salesforce Training Tutorial we are going to learn about Creating new Salesforce calendar sharing in salesforce.

Why we create Salesforce calendar sharing ?

Before creating salesforce calendar sharing, if  a salesforce user wants to know about the schedule and events of another user he has to ask that specific user and note down his events and tasks manually. Suppose if the organization is very much larger and have hundreds of salesforce user there it is very difficult to collect meeting schedules and events. So Salesforce calendar sharing are used to grant access to multiple users, Roles, personal groups, Roles and subordinates and public groups.

How to create New salesforce Calendar sharing?

Before creating new salesforce.com calendar sharing we have make some settings in Organization-Wide-Default settings. Follow the steps as shown below.

Go to Setup=>Administer=>Security Control=>Sharing Settings.

Creating New Salesforce Calendar Sharing

Click on Sharing Settings=>OWD Edit.

Creating New Salesforce.com Calendar Sharing

Now click on edit button to edit organization-wide-default settings and got to calendar section. In calendar we have four options they are hide details, Hide details and add events, show details, show details and add events. Select Show details and add events as shown above.

Now click on Save button.

Now go to My name=>My settings.

Creating New Salesforce.com Calendar Sharing

In my settings select calendar & Reminders.

Creating New Salesforce.com Calendar Sharing

Select Calendar Sharing in calendar & Reminders section.

Now we area taken to new page there click on ADD button to add new salesforce calendar sharing.

Creating New Salesforce Calendar Sharing

Select users, roles, roles and subordinates, public group, private group to which you want to add salesforce calendar sharing.

Creating New Salesforce Calendar SharingDrag Users from available to Share with block using arrows as shown above. After creating new salesforce calendar sharing we can add meeting events etc which will be shared to all users automatically.

Salesforce Security control , Security Model Tutorial

Salesforce Security Model Tutorial

In Salesforce Security control is done by system level  and Application Level Security. In this article we should able to get knowledge on security control in Salesforce. Salesforce Security is of two types they are

  • System Level Security.
  • Application Level Security.

    salesforce security

    salesforce security

System Level Security.

Authentication.

  • Single Sign-On.
    • Federated Authentication.
    • Delegate Authentication.

 Authorization.

  • OAuth.

  Social Sign –On.

  • Twitter.
  • Facebook.
  • Sales force.
  • Google.
  • Janrain: provides 25+ different authentication users.

Application Level Security.

  1. Object Level Security.
  2. Field Level Security.
  3. Record Level Security.

Salesforce Security : Object Level 

This object level Salesforce Security is also called as Object Level Permission”. In this section we can control the data. Object  Level security is one of the level of the security in salesforce in which we provide or access controlled permission to the prescribed user.  Object level security can have the following features.

  1. We can prevent the user from editing, seeing, creating, deleting and managing a particular type of object.
  2. We can hide the entire TAB from a user.

Object Level security can be done in the following Sections.

  • Permission Sets.
  • Profiles

Permission Sets : In this Permission sets we define the access level of the user. Generally we determine what a user can do in the applications. These are used to grant additional permission to a user. Profiles : In Object level Security, Profiles are assigned to the user by system administrator. A profile can be assigned to many users where as a user can have only one Profile.

Salesforce Security :-  Field Level

Here  we control the user to see, edit, delete of a particular field in the object. In some situation like if we want to grant access control over Object to a user but the user should not be able to access some particular fields in that objects then we go for Field Level Security.

Field Level Security can be controlled by Profiles and Permission sets.

= > Profiles.

  • Page Layouts.
  • IP Ranges.
  • Login Hours.
  • Desktop.
  • Client Access.

= > Permission sets.

  • App Permissions.
  • Record Types.
  • Tab Settings.
  • Assigned Apps.
  • Object Permissions.
  • Field Level Security.
  • Apex Classes
  • Visual Force Pages

Salesforce Security :- Record Level .

After setting Object and Field Level Security the situation may arise like if a user is eligible to access a particular Record in a Object there we use this sharing method . This can be done by the following settings.

  • Org Wide Defaults.
  • Role Hierarchy.
  • Sharing Rules.
    • Manual Sharing.
    • Criteria Based sharing.

Organization-wide-Level Security

Determining Organization wide Defaults is the first step in record level security. This is the most restrictive level of locking the data to a user. Here if we give Read-Only accessibility to a user then the user is only made to Read to a particular Record.

Role Hierarchy.

After setting Organization wide default setting next step is to make settings in Role Hierarchy. Here we can give wider access to a record s with role Hierarchy. In Role Hierarchy we create Role Hierarchies for a organization.

Sharing Rules.

Sharing Rules makes automatic exceptions to organization wide defaults settings for particular users in an organization. Sharing rules can be done by manual sharing, criteria based sharing and Apex managed sharing.

Declarative Features of Record level security.

  • What objects can I access?
  • What page layouts can I See?
  • What fields can I Access?
  • Which tabs can I view?
  • Which records types can I see?
  • Which Apex classes are accessible for me?
  • Which Visualforce pages can I access?