Salesforce Interview questions and answers Users, Profiles, Role and Permission Sets
Profiles and Permission Sets provides security for meta-data (Structure) components.
1. What is Profile?
- Profile deals with CRED (Create, Read, Edit and Delete) permissions over Apps, Tabs, sObjects, Fields, Record Types, etc…
- We can map only one profile for one user and without mapping the profile we cannot create the user.
2. What is role?
Role deals with authorization to access data.
3. What is Permission Set?
- To improve the permissions for the users over profiles we should go for Permission Sets.
- Example- To give additional permissions to few users who belongs to different profiles over Apps, Tabs, sObjects and fields.
4. Is it possible to delete the user in salesforce?
No, once we create an user in salesforce we cannot delete the user record. We can only deactivate the user record.
5. What is ‘Grant Account Login Access’? How to enable ‘Grant Account Login Access’
If we enable ‘Grant Account Login Access’ for a user then we can see ‘Log in’ button on the detail page of that user. By clicking on that ‘Log in’ button without giving that user’s username and password we can log in.
To enable the ‘Grant Account Login Access’ follow the below steps:-
- Log in as a user to whom you want to enable Log in access.
- At top right corner click on name (Which should be left to Setup) > My Settings
- User should be able to see user’s personal set up page.
- Left side, click on Personal Information > Grant Account Login Access
- User should be able to see Grant Account Login Access page
- In Access Duration column select ‘1 Year’ for all the records and click on ‘Save’ button.
- Log out and Log in as any other user in the organization then click on Manage Users > Users.
- User should be able to see list of records and verify the user to whom we enabled the Grant Account Login Access
- User should be able to see the Login link beside Edit link.
- Click on Login then user should be able to login as that user mode
- Observe at top right corner, user should be able to see Logged in as ‘Name of the user’ which should be highlighte in black color.
- Click on Logout
- User should be come back to original user’s mode, Observe at top right corner, user should not be able to see Logged in as ‘Name of the user’
6. How to give permissions to two fields for different users who belongs to different profiles?
Permission sets.
7. How many users are there in your project salesforce instance?
1000 (It will depends upon the number of licenses taken by the client, it will be like upto 4000 like that based on the client)
8. How to provide security for the Records(Instance)?
- Roles
- OWD(Organigation Wide Defaults)
- Sharing Rules.
- Manual Sharing
- Apex Managed sharing
- View all.
- Modify all.
- View all data.
- Modify all data.
9. How to provide security for Meta-Data files (Schema)?
Using Profiles and Permission Sets.
10. What is OWD?
OWD is the default access level on records for any object in sales force.
For custom objects we can see below access levels –
- Private
- Public Read only
- Public Read/Write
By default after creating custom object OWD access level is Public Read/Write.
Private: only owner and above hierarchy users can have Read/Write access and below hierarchy users don’t have any access.
Public Read only: only owner and above hierarchy users can have Read/Write access and below hierarchy users can have only Read Only.
Public Read/Write: Irrespective of role hierarchy every one can have Read/Write permissions on the records.
11. What is Grant Access Using Hierarchies?
Say there are three roles:
- Role A
- Role B
- Role C
- Role B
Role A is higher in hierarchy, Role B is in middle and Role C is lower in hierarchy
If the Role A user through Manual Sharing or Sharing Rules, shares the record to Role C user who is in lower hierarchy, then the Role B user who is above in hierarchy to Role C user can see the records, if we enable Grant Access Using Hierarchies at sharing settings else Role B user cannot see the record.