Salesforce Administrator’s Quick Notes – Users

1. Currencies: When dealing with multiple currencies, you are better off working with an app that captures current conversion rates. Otherwise, you will fail to capture the true value of your Opportunities in the pipeline. The app keeps up with the exchange rates, so you don't have to manage them manually. that are outside the corporate default, so you see all of these are U.S. dollar.

2. Fiscal Year: You have standard and  custom fiscal years. A standard fiscal year is 12 months. A standard fiscal quarter is 12 weeks. A standard fiscal year starts on the first day of the month. Custom months have 13-month years and 13-week  quarters. When you start using custom fiscal years you cannot  go back to using standard fiscal years.

3. Activities: There are two types of activities that can be related to records or individuals, Tasks and Events. A task is an action that  needs to be completed. Tasks must be marked complete once the user is done. An event is a calendar entry. Events are automatically marked as complete once the start date has been reached. Tasks and events are a great way to capture and keep up with actions that are associated with records in Salesforce. Completed tasks move to Activity History once they have been completed.

4. Activities can be customized. You can create new fields for specific relevant information. You can also have different activities for different users. Activities can be customized if you don't like what's out-of-the-box

5. Salesforce provides you with the ability to use multiple calendars.  Every user has a personal calendar and can grant access to specific users.

6. Chatter is Salesforce’s collaboration tool. It is similar to the functionality of MS Teams. You can follow people,  records or files.  You have the ability to  like posts, download files, share  internal and external links,  comment on posts,  and attach files to posts or records.

7. Salesforce user defined: A user is an individual that has access to your Salesforce organization. Each user is identified with a unique user record. User data is composed of personal information, access information, and locale. Personal information includes their name, Salesforce alias, e-mail, phone, address, and title. Their access and security information includes their username, any associated licenses, profile, their role, and login history. Their locale includes information such as time zone, locale, language and currency.

8. There are 3 ways to create a new user. First, you can use the click path Setup|Users and create users one by one.  Secondly, you can use the click path Setup|Users  and use the option to “Add Multiple Users”. Lastly, You can upload multiple users in mass using a spreadsheet and Data Loader.

9. Your role is your position in the company hierarchy, i.e. Sales Analyst, Sales Manager, CEO, etc. Your profile determines what you have access to.  The User Profile is the security access assigned to your user account. The profile determines what you can see.

10. Login security controls: You can control when and where somebody logs into Salesforce using Trusted IP ranges. If a user is within the Trusted IP range they will be allowed to log into Salesforce using their credentials. If they are outside of the IP range, the user will need to use another authentication method to log in such as a verification code.  Similarly, you can use organization wide trusted IP ranges where admins can manually add trusted IP addresses for organizations which allows the users to bypass the verification process.

11. Password policies: Change passwords often, such as 90 days or less.

  • Require unique passwords
  • Requiring the length of passwords to be 10 characters or longer.
  • Require a mix of letters and numbers and special characters and passwords.
  • Reminder users never to share passwords.

12. Identity verification: When a user logs in from outside a trusted IP range and uses a browser not recognized by the organization. The user is challenged to verify their identity. Meaning, that a verification code will be needed for the user to confirm their identity.

13. Multifactor authentication: With multifactor authentication users provide a second verification or multiple factors through a verification method, such as an authenticator app. You can set multi-factor authentication:

  • For every login
  • Logins through an API
  • To access specific features

14. Single sign-on: This authentication method enables users to log into multiple applications using their credentials. In practice you configure your system to trust another system to authenticate users which removes the need for the users to log into each system individually.

15. My domain: Allows you to specify a customer specific name to include in your Salesforce org URL's. An example would be https://mycompany.my.salesforce.com.  As of Winter 2023 enhanced domains will be enforced.

16. Health check: Helps  identify and fix vulnerabilities discovered with your security settings. It  provides a summary report on how well your organization has fallen within Salesforce’s recommendations. Less restrictive settings will result in a lower score.

17. User experience login option: If you locate a user's record you have the option of logging in as that user to see the experience from their perspective. Administrators can log in as any user in the system using the login option.

18. Profiles: Profiles are created for groups of users. Generally, you do not create a profile for a single user. Updates to a profile applies the updates to all users under the profile. They define how users can access objects and data and what actions they can take within the application. Users are assigned one profile. Profiles control access to: assigned apps, tab settings, record type assignments, page layout assignments, and field permissions.

19. Permissions define what actions a user can take. There are app permissions, system permissions, standard objects permissions and custom object permissions.

20. Object access: CRED permissions – Create, Read, Edit, Delete. CRED is provided through the Profile, Permission Set, or Permission Set Group.

21. Salesforce standard profiles: There are six standard profiles: System Administrator, Standard User, Solution Manager, Marketing User, Contract Manager, Minimum Access. You cannot change or delete standard profiles. You can create a custom profile by cloning one of the standard profiles and editing the clone. A bare bones profile is the Minimum Access profile. Using the Minimum Access Profile  is recommended when creating a new profile.

22. Restricting login hours and login IP ranges on profiles: You can define when and where users can log into your organization on the user profile. You can restrict logins by IP address, or you can restrict logins by day and time. Times are set in one-hour increments.  Login times are based on corporate defaults and not the user’s locale.

23. Users cannot be deleted, but you can deactivate users.

24. Permission sets: Grant additional permission to specific users.  Permission sets are applied on top of an existing profile.  Permission sets add additional access but do not remove access. You can assign Permission sets through either the Permission Set or from the User Record.  Total User Access = User Profile + Assigned Permission Sets.

25. Permission Set Groups: Bundle permission sets together based on user job functions. Assign users to the group through the Permission Set Group.  

26. Muting Permissions: You can use a Muting Permission Set  with a Permission Set Group to disable permissions. Muting affects all members of the group. You will need to identify the object and the permissions you are muting.