Application security is always important, and even more so when the application is delivered across a public network, such as the Internet. Salesforce.com has developed various mechanisms to secure the platform and reduce the chances of unauthorized people accessing your company data. This chapter describes the way login attempts to the system are controlled and the features available to help you manage your user's access to the Salesforce CRM application.
In this chapter, we will also look at establishing your company profile within Salesforce and how core information, such as the details that are provided when your company first signs up with Salesforce.com, can be managed. You will also be shown how to find your way around the Salesforce Setup menu, and will be introduced to the settings available for the organization-wide customization of the application's user interface along with the search facilities offered by the Salesforce CRM application.
Finally, you will be presented with a number of questions about the key features of Salesforce CRM administration in the areas of organization setup and the global user interface, which are covered in this chapter.
Throughout this chapter, notes and tips are provided to offer further guidance within the given areas of functionality; and have been generated from the practical results and experience of the Salesforce CRM system administration.
In this chapter, we will cover:
The Salesforce setup menu
User login and authorization
Search overview and settings
Questions to test your knowledge
To start with, we will look at the location and the features of the Salesforce Setup menu.
Depending upon your organization's user interface settings, you will access the Setup menu from either the drop-down menu under your name or as a top-level setup link, as shown in the following screenshot.
Looking at the top of the Salesforce page you should see the Setup link, as shown in the following screenshot:
If you do not see the Setup link at the top of the Salesforce page then click on your name and you will then see the setup option, as shown in the following screenshot:
This setting is controlled by the Enable Improved Setup User Interface setting, which is covered later in this chapter.
As a system administrator, you will use the Setup menu so frequently that it is recommended that you enable Improved Setup User Interface.The Improved Setup User Interface setting is activated by default for all new instances. Existing Salesforce instance admins should be aware that this user interface setting determines how everyone in your organization accesses the Setup menu.
When describing any setup steps within this book, we will begin the navigation path from Setup. For example, to enable the Improved Setup User Interface, we will present the navigation path as Setup | Customize | User Interface | Enable Improved Setup User Interface.
The Setup menu appears on the left side of the page. Clicking the menu option text, (or the drop-down icon to the left of a menu option), expands the menu where you can then select the required menu item link; the following screenshot shows the Setup | Manage Users | Users setup page:
Clicking the down arrow icon to the left of the expanded menu option collapses the menu option. You can also expand or collapse all the menu options by clicking the Expand All or Collapse All links as shown in the following screenshot:
To quickly find a Setup menu item, type the first few characters of the setup name in the Quick Find search box. As you type, any options that match your search term appear in the Setup menu. For example, to find the User Interface page, start to type
user interface in the Quick Find box as shown in the following screenshot:
We will now look at how user's login requests are verified and authorized by the Salesforce CRM application.
Organizations have several methods of accessing the Salesforce CRM application. Access can be gained from the user interface (using a web browser), the API (for example, using an integrated client application or the Apex Data Loader), a desktop client (for example, Salesforce for Outlook), or from a mobile client application.
Whenever a login attempt is made to Salesforce using any of these methods, the user's login request is authorized by the system using the following sequence of checks:
Does the user's profile have any login restrictions?
Does the user's IP address appear within the organization's trusted IP address list?
Has the user been activated from this IP address before?
Does the user's web browser have a valid browser cookie from Salesforce stored?
If the user's login is from neither a trusted IP address nor a browser with a valid Salesforce cookie, the login is denied. To gain access to Salesforce, the user's identity must be confirmed by successfully completing the computer activation process.
Now let's look at each of these login checks in more detail.
Login hours and IP address restrictions can be set for the user's profile. If these are set and there are login attempts from a user outside the specified hours or from an unknown IP address, access is denied.
If login hour restrictions are set for the user's profile, any login attempt outside the specified hours is denied.
To go to the Profile menu, navigate to Setup | Manage Users | Profiles. Now choose a profile, select the Login Hours link, and then click Edit.
Set the days and hours when users with this profile can log in to Salesforce.com.
Navigate to Setup | Company Profile | Company Information, click the Edit button, and select the required time zone from the Default Time Zone picklist.
The login hours that are set apply strictly to that exact time, even if a user has a different personal time zone or if the organization's default time zone is changed.
To allow users to log in at any time, click on Clear times as shown in the following screenshot:
To prevent users from accessing the system on a specific day, (say, to carry out internal system maintenance), set the Start Time and End Time to the same value. For example, you could set the Start Time to 8:00 AM and End Time to 8:00 AM (as in the Saturday and Sunday example setting in the previous screenshot).
If IP address restrictions are defined for the user's profile, any login attempt from an unknown IP address is denied.
To restrict the range of valid IP addresses through the Profile menu, navigate to Setup | Manage Users | Profiles. Now choose a profile, select the Login IP Ranges link, and then click Add IP Ranges.
Enter a valid IP address in the Start IP Address field and a higher IP address in the End IP Address field.
The start and end addresses specify the range of IP addresses from which users can log in. To allow a login from a single IP address, enter the same address in both fields.
For example, to allow a login from only
18.104.22.168 as both the start and end IP addresses as shown in the following screenshot:
This check is performed if profile-based IP address restrictions are not set.
If the user's login is from an IP address listed in your organization's trusted IP address list, the login is allowed.
To go to the Trusted IP range settings, navigate to Setup | Security Controls | Network Access.
Click on New and enter a valid IP address in the Start IP Address field and a higher IP address in the End IP Address field.
The start and end addresses specify the range of IP addresses from which users can log in. To allow a login from a single IP address, enter the same address in both fields.
For example, to allow a login from only
22.214.171.124 as both the start and end addresses as shown in the following screenshot:
Each user has a list of IP addresses from which they've been activated. If the user has previously been activated from this IP address, then this IP address is added to the user's personal list.
To view and remove the login IP addresses that have been recorded by your users, go to Setup | Security Controls | Activations.
To remove an Activated Login IP, click the checkbox and then click the Remove button, as shown in the following screenshot:
To remove an Activated Login IP, click the checkbox and then click the Remove button, as shown in the screenshot above.
A cookie is a small file containing a string of characters that is sent to your computer when you visit a website. Whenever you visit the website again, the cookie allows that site to recognize your web browser.
The browser will have the Salesforce cookie if the user has previously used that browser to log in to Salesforce and has not cleared the browser cookies.
So, if the user's login is from a browser that includes a Salesforce.com cookie, the login is allowed
If the user's login is from neither a trusted IP address nor a browser with a Salesforce cookie, the login is denied and becomes blocked, and Salesforce must verify the user's identity.
A trusted, genuine user can access the Salesforce CRM application using the following means:
User interface (using a web browser)
API (for example, using an integrated client application or the Apex Data Loader)
Desktop client (for example, Salesforce for Outlook)
For access through the user interface for the first time, the user is prompted to select how they would like to receive the verification code. Here, the verification code can be received by either an SMS text message or an e-mail message depending on whether the company-wide SMS-based identity confirmation is enabled.
For new organizations, an SMS text message is the default method for the computer activation process and can only be disabled by a request to Salesforce support. For existing organizations, SMS text message activation can be enabled by you as the system administrator, but once enabled it requires a request to Salesforce support is required to deactivate it.
To receive the SMS text message verification code requires the setting SMS-Based Identity Confirmation setting to be enabled (since Spring '2014, it has been enabled by default). This feature enables users to receive a one-time PIN delivered via SMS. This is set by navigating to Setup | Security Controls | Session Settings and then enabling Enable SMS-Based Identity Confirmation.
Once enabled, users must verify their mobile phone number before taking advantage of this feature, which will present the following screenshot:
To receive an email verification code, users must have the setting Email-Based Identity Confirmation Option enabled on their profile or included as a permission set.
The Email-Based Identity Confirmation option is only available to set if the Enable SMS-Based Identity Confirmation option is enabled.
Once enabled, and if verification is required, users will automatically receive an activation e-mail to the address specified in the user's Salesforce user record. Users are notified within the Salesforce, and can enter the verification code as shown in the following screenshot:
Salesforce sends the verification code e-mail to the e-mail address associated with the user's record in Salesforce. Here, the following screenshot shows an e-mail example:
The e-mail instructs the user to enter the verification code into the browser window, which activates the device for verified login into the Salesforce CRM platform.
The activation code within the e-mail is valid for up to 24 hours from the time the E-mail me a verification code button was clicked. After 24 hours, the activation link will expire and the user must repeat the activation process.
Confusion can occur if your company has remote users that connect to Salesforce away from the company network, such as from home or from public Internet connections. The Remote users are likely to have dynamically assigned IP addresses set as their computer identity. Because of this, whenever they attempt to log in, Salesforce will identify it as an unknown IP address, prompt for verification, and the remote user will have to re-verify the device.
The remote user will then have to access the e-mail associated with their Salesforce user record to retrieve the activation e-mail, and it is here where confusion can occur. If the remote user has to access corporate web e-mail using a Virtual Private Network (VPN) connection, the clicking of the activation link may not work because the IP address that is being validated may now no longer be the same IP address used by the browser. This is because the VPN connection may likely be using a web proxy.
It is recommended that you establish a policy to ensure that the user verifies the login while connected to the VPN, or can access non-VPN-based web mail (if this is permitted in your company) to ensure that the validated IP addresses are the same.
(This is covered in more detail in the Session settings section in Chapter 2, Managing Users and Controlling System Access.)
For access using the API or a desktop client (for example, using the Apex Data Loader), the user must add their security token at the end of the password in order to log in. A security token is an automatically generated key from Salesforce. For example, if a user's password is
pa$$word, and their security token is
XXXXXX, then the user must enter
Users can obtain their security token by changing their password, or by resetting their security token via the Salesforce.com user interface by navigating to Your Name | My Settings | Personal | Reset My Security Token and then clicking on the Reset Security Token button.
When a user changes their password or resets their security token, Salesforce sends a new security token to the e-mail address associated with their Salesforce user record. The security token is valid until a user resets their security token, changes their password, or has their password reset by a system administrator.
Do not enter a security token within your password when accessing Salesforce from a web browser. It is recommended that you obtain your security token via the Salesforce user interface from a trusted network prior to attempting access from a new IP address. When a user's password is changed, the user's security token is automatically reset. The user will experience a blocked login until they add the security token to the end of their password or enter the new password after you have added their IP address to the organization's trusted IP range.
The company profile contains core information for your organization within Salesforce, some of which is captured during the initial system sign-up, and includes the following:
Company information and primary contact details
Default language, locale, and time zone
Fiscal year settings
Currencies and exchange rates
When your company signs up with Salesforce, the information provided is displayed on the Company Information page. This page can be accessed by navigating to Setup | Company Profile | Company Information.
From the Company Information page, you can edit the company default localization settings and primary contact details as shown in the following screenshot:
The company information settings for language, locale, and time zone can affect how key data is handled for the organization.
However, individual users can set their own language, locale, and time zone, overriding the organization-wide setting, by navigating to Your Name | My Settings | Personal | Language & Time Zone as shown in the following screenshot:
This is the primary language for the organization. All interface text and online help is displayed in this language. Individual users can, however, set their own language, which will override the organization-wide setting.
For global organizations, it is recommended that you consider how the setting the language impacts the user's ability to access and share information, and whether a common language is preferred to aid reporting and system administration. You can use the feature called Language Settings (described later) to restrict the languages that your users can set in their personal information language setting.
The default locale setting affects the format of the date, date/time, and number fields.
For example, a given date in the English (United States) locale would appear as 07/27/2020, and in the English (United Kingdom) locale as 27/07/2020.
Time in the English (United States) locale is displayed using a twelve-hour clock with AM and PM (for example, 3:00 PM), whereas in the English (United Kingdom) locale, they display using a twenty-four hour clock (for example, 15:00).
Numbers in the English (United States) locale would be displayed as 1,000.00 and in the German locale as 1.000,00.
However, individual users can set their own locale, which will override the organization-wide setting.
This is the primary time zone in which your organization is located, for example, the head-office location. However, individual users can set their own time zone, which will override the organization-wide setting.
The Company Information page also displays all of the base licenses, active users, and feature licenses that have been purchased by your organization.
There are four types of licenses:
User license: A user license entitles a user to different functionality within Salesforce and determines the profiles available to the user
Feature license: A feature license entitles a user to an additional Salesforce feature, such as Marketing or Offline User
Permission set license: A permission set license is used to provide a user with access to certain features that are not part of their user licenses
Usage-based entitlements: A usage-based entitlement provides periodic use of a limited resource
Currency settings are organization-wide within Salesforce, and can be set using either a single currency option, using the Currency Locale setting in Company Profile, or as a multiple currencies option where you can add currencies and set conversion rates using the Manage Currencies link within the Company Profile section.
Multiple currencies can only be enabled by a request to Salesforce customer support. When activated, the Currency Locale field and its value are passed to a new field, Corporate Currency, also in Company Profile.
The corporate currency reflects the currency in which your company reports revenue, and is used as the rate that all other currency conversion rates are based on. This is initially set by Salesforce.com when the Salesforce application is activated.
All organizations, whether using single or multiple currencies, are set by default with only one currency in the Company Profile. For single currency instances, this setting is accessed by navigating to Setup | Company Profile | Company Information, and setting the Currency Locale field. For multiple currencies, this is set by navigating to Setup | Company Profile | Manage Currencies, and then clicking the Change Corporate button.
In a single-currency organization, you set the organization-wide currency locale for your company and your Salesforce users cannot set individual currency locales.
In a multiple-currency organization, you set the corporate currency instead of the currency locale, and your Salesforce users can also set their individual currency by navigating to Your Name | My Settings | Personal | Personal Information.
Your Salesforce user's individual currency is used as the default currency in their own reports, quotas, forecasts, and any records that contain currency amounts, such as opportunities.
Currency becomes a required field on records where it has been added or was originally defined, and so must be considered when activating the Multiple Currencies option and then importing data or a custom object creation.
Users can also create opportunities (and all other data records that contain currency amounts) using any other available active currency.
The list of active currencies represents the countries or regions in which your company trades. Only an active currency can be set by you, as the system administrator on the organization profile, or by your users on their individual user records or on data records in the currency field.
The Manage Currencies section enables you to maintain a list of active currencies and their conversion rates in relation to the corporate currency, and can be accessed by navigating to Setup | Company Profile | Manage Currencies.
The Manage Currencies option appears when your organization has enabled Multiple Currencies, currently available by request to Salesforce customer support. Changing the conversion rates will update all existing records with the new conversion rates, even the closed opportunities. As a result, you will not be able to measure financial changes due to the effects of currency fluctuations unless you have implemented Advanced Currency Management, which stores dated exchange rates.
If multi-currency has been enabled and the currency is changed on a record using the Data Loader, the currency amounts are converted.
The currency of records can be changed using Data Loader by updating the standard field Currency ISO Code and setting the value to the ISO code of the new currency. Here the ISO code is a three-letter alphanumeric such as USD for US Dollars, EUR for Euros, GBP for British Pounds, and so on
If multi-currency has been enabled and the currency is changed on a record using the browser interface, the currency amounts are not converted.
The currency of records can be changed using the browser interface by updating the currency lookup but the currency amount is not converted. Therefore, if you change the currency of an opportunity which has a 450 EUR amount to GBP, the amount remains at 450 and is not converted to 384 GBP (which is 1 EUR = 0,852 GBP at the time of writing).
Dated exchange rates allow you to track conversion rates when an opportunity closes, enabling the accurate reporting of opportunity-converted amounts based on the rate that was set at the opportunity's close date. This is made possible because the historic conversion rates are stored, and rate changes after that close date can be tracked; therefore, reports can include the opportunity amount based on the conversion rate at the close date instead of the rate at the time that the report is run.
Updating currency conversion rates will not change the original opportunity amounts, only the converted amounts. Accounts and their associated contacts must use the same default currency. Account and contact records may be imported using active or inactive currencies. However, importing lead records must use active currencies only.
Dated exchange rates are activated by setting the Advanced Currency Management option, and are used for opportunities, opportunity products, opportunity product schedules, campaign opportunity fields, and reports related to these objects and fields.
When Advanced Currency Management is first enabled, your existing exchange rates automatically become the first set of dated exchange rates.
These exchange rates will be valid until you set another set of exchange rates by navigating to Setup | Company Profile | Manage Currencies | Manage Dated Exchange Rates.
If you enable Advanced Currency Management, you cannot create roll-up summary fields that calculate the currency on the opportunity object. Any existing currency-related roll-up summary fields on the opportunity object will be disabled and their values will no longer be calculated.
The fiscal year settings in Salesforce can be set by navigating to Setup | Company Profile | Fiscal Year.
Fiscal year settings in Salesforce by default use the Gregorian calendar year (twelve-month structure) starting from January 1 and ending on December 31. If your organization follows the twelve-month structure, you can use a standard fiscal year. Standard fiscal years can start on the first day of any month, and you can specify whether the fiscal year is named for the starting or ending year. For example, if your fiscal year starts in April 2020 and ends in March 2021, your fiscal year setting can be either 2020 or 2021.
Fiscal year is more complicated than this, you can define these periods using custom fiscal years. For example, as part of a custom fiscal year, you can create a 13-week quarter represented by three periods of 4, 4, and 5 weeks, instead of calendar months.
If you use a fiscal year structure, such as a 4-4-5 or a 13-period structure, you can define a fiscal year by specifying a start date and an included template. If your fiscal year structure is not included in the templates, you can modify a template. For example, if you use three fiscal quarters per year (a trimester) instead of four, delete or modify the quarters and periods to meet your needs. These custom fiscal periods can be named based on your standards. For example, a fiscal period could be called P12 or December.
Fiscal years can be modified any time you need to change their definition. For example, an extra week could be added to synchronize a custom fiscal year with a standard calendar in a leap year. Changes to fiscal year structure take effect immediately upon being saved.
The Language Settings feature allows you to specify the acceptable languages that can be used within the Salesforce CRM application.
This feature can be set by navigating to Setup | Company Profile | Language Settings.
You then choose the languages that you want to make available to users by selecting them from the Available Languages pick list and then clicking on Add.
In the following example, we have added Spanish and French along with English, and these appear in the Displayed Languages list as shown in the following screenshot:
The languages that appear in the Displayed Languages list are now shown as available options in the Language picklist section on the user's Personal Settings page, as shown in the following screenshot:
At the time of writing there are three user interface themes. There are two classic themes, namely Classic 2005 and Classic 2010, and there is a new theme called Lightning Experience.
Browser support and functionality varies depending on whether Salesforce Classic or Lightning Experience is used, and are described in more detail later on in this section.
All screenshots and setup details this book shows the Classic 2010 user interface theme.
The difference in the classic themes can be seen in the following screenshot, which appears when you attempt to change from the Classic 2005 to Classic 2010:
Not only does the new user interface theme change the look and feel of Salesforce, but it may also position some key links such as Setup and Logout under the user name for each user in your organization. The Classic 2010 user interface theme is only available for use by users with supported browsers as detailed later in the Supported browsers section.
At the time of writing there are three different user interface themes namely: Salesforce Classic 2005, Salesforce Classic 2010, and Lightning Experience. The Browser support for these themes at the time of writing is as follows.
The following browsers are supported by Salesforce for use with Salesforce Classic 2005:
The following browsers are supported by Salesforce for use with Salesforce Classic 2010:
The following browsers are supported by Salesforce for use with Lightning Experience:
Google Chrome, most recent stable version
Microsoft Edge for Windows 10
Mozilla Firefox, most recent stable version
Apple Safari version 8.x and 9.x on Mac OS X
Salesforce will possibly redirect you to Salesforce Classic when using Microsoft Internet Explorer versions 9-11 within Lightning Experience. However, since the Summer '2016 release, Salesforce has stated that users of existing organizations can continue to access Lightning Experience with Microsoft Internet Explorer version 11 (IE11) until December 16, 2017, but users of new organizations created after Summer '2016 will not be able to use IE11 to access Lightning Experience, and will automatically be redirected to Salesforce Classic.
Along with the user interface theme, there are many other aspects of the user interface that can be set up in Salesforce to present the optimum user experience to the users in your organization.
Additional user interface options include User Interface Settings (such as collapsible detail page sections and inline field editing), Sidebar Settings (Collapsible Sidebar settings and Custom Sidebar Components on All Pages), and Calendar Settings (such as Home Page Hover Links for Events and Drag-and-Drop Editing on Calendar Views).
There are also some administrator-specific settings that can improve your users' experience with the application located under the Setup settings. It also includes the Enhanced Page Layout Editor and Enhanced Profile List Views Settings.
Selection of the User Interface option can be carried out by navigating to Setup | Customize | User Interface.
The User Interface option is the final option in the Customize section on the left-hand setup sidebar.
The User Interface screen is as shown in the following screenshot:
In the following sections, we will look through the various User Interface settings one by one.
Collapsible Sections enables your users to collapse or expand sections on record detail pages using the arrow icon next to the section heading. Sections remain expanded or collapsed until the user changes their settings for that section. Salesforce will store a different setting for each record type if the record types have been set up as shown in the following screenshot:
When enabling collapsible sections, you need to ensure that the section headings have been entered on the page layouts.
Clicking on the triangle icon toggles between showing and hiding the section, as shown in the following screenshot:
The Show Quick Create option adds the Quick Create fields section to the sidebar on the Record tab page to enable users to create a new record using minimal data fields, as shown in the following screenshot:
The Show Quick Create option also controls whether users can create new records from within the Lookup dialog. With this setting enabled, users see a New button in the Lookup dialog screen. The following example shows the creation of a new account within the account Lookup dialog while working with an opportunity record:
Clicking on the New button reveals the fields that are available for creating the new record.
The option to create new records and displaying the New button in the Lookup dialog are only available for accounts and contacts. Also, users still need the appropriate Create record permission to enter data with Quick Create, regardless of whether the entry fields are displayed.
Disable the Quick Create option:
The Quick Create option does not allow you to configure the data entry screen, so any custom fields that need to be populated there will not be included. Also, when saving records using the Quick Create option any validation rules associated with the record are not triggered. These features allow records to be created that do not conform with your company's business rules and data integrity requirements so it is advisable to disable the Quick Create option.
The Enable Hover Details option allows users to view interactive information for a record by hovering the mouse pointer over a link to that record in the Recent Items list on the sidebar or in a lookup field on the record detail page. The fields displayed in the hover details are determined by the record's mini page layout, which is set at the page layout edit screen.
In the following screenshot, we are hovering the mouse pointer over a link to a record in the Recent Items list on the sidebar:
In the following screenshot, we are hovering the mouse pointer over a lookup field on the record detail page:
To view the hover details for a record, users require the appropriate sharing access to the record, and field level security to the fields, in the mini page layout, which is set at the page layout edit screen (seeChapter 3, Configuring Objects and Apps).
This option enables related list hover links to be displayed at the top of standard and custom object record detail pages. It allows users to view the related list and its records by hovering the mouse pointer over the related list link. Users can also click on the related list hover link to jump down directly to the Related List section without having to scroll down the page.
This option enables the separate loading of record detail pages. First, the primary record detail data loads, and then the related list data. This option serves to improve the display performance for organizations with a large number of related lists on record detail pages. When the page is loaded, the record details are displayed immediately; afterwards the related list data loads, during which the users see a progress indicator for the related list.
You will see that the related list sections are not yet loaded. They appear as [...] while the primary record detail (for the account example) is loaded immediately, as shown in the following screenshot:
After the primary record detail has loaded (the account page), the related lists are then loaded. You can see that the number of records for the Contacts related list is now displayed as .
This option does not apply to pages for which you cannot control the layout (such as user pages or Visualforce pages).
This option is related to the setting Enable Separate Loading of Related Lists, and enables a separate loading of record detail pages and related lists of standard and custom objects.
External objects are similar to custom objects (described in Chapter 3, Configuring Objects and Apps), however the mapped data is not stored inside Salesforce, so there may be delays in loading due to the availability of the external data source and network latency. The Enable Separate Loading of Related Lists of External Objects option is enabled by default.
This option allows users to change field values directly within the record detail page, avoiding the need to load the record edit page first. By double-clicking on the field to be edited within the detail page, the field changes to become editable. The new value can then be entered and saved, or the action can be undone using the Undo button.
First, the field is highlighted by hovering over it with the mouse to reveal the pencil icon indicating that the field is editable, as follows:
Double-clicking the field causes the field to switch from View mode to Edit mode to allow a new value to be entered, as follows:
After a new value has been entered, the value is displayed in orange text and the user has the option of undoing the change using the Undo button, as follows:
The changed value and the detail page can then be saved in the standard way using the Save button, as follows:
To check if inline editing is enabled for your organization, and to discover which value can be edited, you can hover over a value with your mouse and note the result. A field that is editable will have a pencil icon to the far right of the value when the mouse is hovered over it. A field which is non-editable will have a padlock icon to the far right of the value when the mouse is hovered over it.
This option is enabled by default. Certain fields cannot be changed using inline editing, such as System Fields (created by, last modified by, and so on), Calculated Fields (formula, auto number, roll-up summary, and so on), Read-Only Fields, and Special Fields (such as owner and record type).
This option provides the user with the ability to view, customize, and edit list data, which is the resulting data section that is rendered from Views. When enabled along with the Enable Inline Editing setting, users can also edit records directly within the list without having to move away from the page, as shown in the following screenshot:
With enhanced lists enabled, users can perform the following actions:
Create a new view, or edit, delete, or refresh the existing view.
Navigate through list results by clicking the first, previous, next, and last page links at the bottom of the list. You can jump directly to a specific page by entering a number in the textbox in the lower-right corner. You can also change the width of a column by dragging the right side of the column heading with the mouse. Changes made to column widths apply to that specific list only and are recalled whenever that list is viewed. Please note that, when columns are added or removed from a list, any column width settings for that list is discarded.
Change the order in which a column is displayed by dragging the entire column heading with your mouse to the desired position. For your users who have permission to edit the list definition, the changes are saved for all who see the list. For your users without permission to edit the list definition, their changes are discarded after leaving the page.
If inline editing is enabled for your organization, values can be entered directly into the list by double-clicking on individual field values. Users who have been granted the Mass Edit from Lists option on their profile can edit up to 200 records at a time.
The Mass Edit from Lists option only appears on the profile if inline editing is enabled.
A mass edit is performed by first selecting the records to be edited using the checkboxes and then clicking on one of the fields to be edited.
Upon clicking on the field, a new pop-up window is displayed asking whether the change is to be applied to just the selected record or to all records that have been selected. In the following screenshot, we see an example where two account records have been selected, and where one of the record's billing street fields has been clicked.
This feature only allows mass edits; users cannot mass-delete:
Remind users that they cannot mass delete records:
As a system administrator, you may need to remind users that they cannot mass delete records as occasionally users may try to mass delete using the only visible Delete link, which is, in fact, the link to delete the View as shown in the following screenshot. Communicating this fact will hopefully save you from having to recreate any views that have been deleted in error.
On the Account, Contact, and Lead List views, there is an Open Calendar link at the bottom of the page to display a weekly view of a calendar underneath the list. A record can be dragged from the list to a time slot on the calendar to create an event associated with the record.
To perform inline editing on an enhanced list, the Advanced Filter options must be turned off in the list view filter criteria. Some standard fields do not support inline editing. For example, Case Status, Opportunity Stage, and several of the Task and Event fields can only be edited from the record edit page.
The number of records displayed can be changed per page by setting the view to 10, 25, 50, 100, or 200 records at a time. When this setting is changed, navigation is set to the first page of the list results, as shown in the following screenshot:
If users change the number of records to be displayed per page, that setting is applied to all the lists (not just the current list).
Also, if the option of displaying 200 records is selected, a warning message appears, as it can reduce performance, as shown in the following screenshot:
At the time of writing there are three different user interface themes, namely Salesforce Classic 2005, Salesforce Classic 2010, and Lightning Experience.
Enabling the Salesforce Classic 2010 user interface theme activates the most recent version of Salesforce Classic, the interface theme that predates Lightning Experience. Disabling this option activates the Salesforce Classic 2005 user interface theme.
The Tab Bar Organizer automatically arranges user's tabs in the tab bar to control the width of the CRM application pages and prevent horizontal scrolling. It dynamically measures how many application tabs can be displayed, and puts tabs that extend beyond the browser's current width into a drop-down list displayed on the right-hand side of the tab bar, as shown in the following screenshot:
This option allows users to easily print list views.
If this is enabled, users can click on the Printable View link (the printer logo) located in the top-right corner on any list view to open a new browser window. Within the new window, the current list view is displayed in a print-ready format, as shown in the following screenshot:
This option allows users to click on the Printable View link from any list view, which opens a new browser window displaying the current list view in a print-ready format.
This option allows you to customize the tabs on the Chatter user profile. The way to customize Chatter user profile pages is described in detail later in Chapter 8, Introducing Sales Cloud, Service Cloud, and the Collaborative Features of Salesforce CRM. In the following example screenshot, we have customized the Chatter user profile page tabs and added the Learning Zone tab, which results in the following modified page:
The Winter' 2014 release saw this feature being automatically enabled.
This enables you to add custom tabs or remove default tabs such as the default Feed and Overview tabs. Custom tabs are available by customizing Subtab Apps, which are described in more detail in Chapter 3, Configuring Objects and Apps. If this option is disabled, users only see the default Feed and Overview tabs.
When this option is selected, an announcement banner appears on certain pages.
Released as part of the Summer '2014 release, the Salesforce Notification Banner appears on the setup area for your organization and on pages for accounts, contacts, and dashboards.
Your users can prevent the banner from appearing on all pages by clicking the Close button, or you can prevent the Salesforce Notification Banner from appearing across your entire organization by disabling this option.
Since the Summer '2016 release, Salesforce has stated that existing organizations can continue to use Microsoft Internet Explorer version 11 (IE11) to access Lightning Experience until December 16, 2017 (after this date, users will be automatically redirected to Salesforce Classic).
The Disable Lightning Experience IE11 Support Deprecation Notification option enables you to prevent screen notifications from appearing when users in your organization access Lightning Experience-activated Salesforce, to cater for your own strategy for transitioning browser use away from IE11. See the Supported browsers section earlier in this chapter for more information.
The following options are available to help users view and edit information on the sidebar, which is presented in the left hand, vertical section of the screen:
Enable Collapsible Sidebar
Show Custom Sidebar Components on All Pages
We will now cover the sidebar options in detail.
The collapsible sidebar gives users the ability to show or hide the sidebar on every Salesforce page where the sidebar is included. When this option is selected, the collapsible sidebar becomes available to all users in your organization. However, each user can set their own preference for displaying the sidebar. Users can set the sidebar to be permanently displayed or they can collapse the sidebar and show it only when needed.
If you have custom home page layouts that include components in the sidebar, this option displays the sidebar components on all pages in Salesforce and for all users. If only certain profiles are allowed to view sidebar components on all pages, you can assign a Show Custom Sidebar on All Pages permission to just those profiles.
The following options are available to help users view and edit information on calendar sections and views:
Enable Home Page Hover Links for Events
Enable Drag-And-Drop Editing on Calendar Views
Enable Click-And-Create Events on Calendar Views
Enable Drag-And-Drop Scheduling on List Views
Enable Hover Links for My Tasks List
Let us see what they are in detail.
This option enables hover links in the calendar section of the Home tab, and allows users to hover the mouse over the subject of an event to see interactive information for that event.
This option enables your users to drag and drop existing events around their daily and weekly calendar views to reschedule events without having to navigate from the page to the event creation page. Loading performance of the calendar control may suffer with this option enabled. Drag-and-drop editing is not available for either multi-day events or on console calendar views. Also, this option is enabled by default.
This option enables the creation of events on daily and weekly calendar views by double-clicking on a specific time slot and entering the details of the event in an interactive section. The fields presented in the interactive section are set using the mini page layout on the Event page layout screen.
This option enables users to create events by dragging the record to be linked from the list view onto the weekly calendar view. Upon dropping, an interactive section for the event detail is displayed where the fields available are set using the mini page layout.
The Name settings feature allows additional fields to be accessed for person objects in Salesforce in order to help avoid confusion when two person records have identical first and last names.
This setting adds the middle name field to person objects such as the Contact, Lead, Person Account, and User objects.
There are administrator-specific user interface settings, which that can improve your experience with the application, located under the Setup settings. They allow for the following options:
Enable Enhanced Page Layout Editor
Enable Enhanced Profile List Views
Enable Enhanced Profile User Interface
Enable Streaming API
Enable Dynamic Streaming Channel Creation
Enable Set Audit Fields upon Record Creation and Update Records with Inactive Owners User Permissions
Enable Custom Object Truncate
Enable Improved Setup User Interface
Enable Advanced Setup Search
Let's see what they are in detail.
This option enables the Enhanced Page Layout Editor for editing page layouts with a feature-rich WYSIWYG (for What You See Is What You Get) editor.
This option enables the enhanced list views and inline editing on the profiles list page, which allows you to manage multiple profiles at once.
To navigate to the Profile menu, go to Setup | Manage Users | Profiles. Now select a profile and click on Create New View, as shown in the following screenshot:
The following three steps produce a list of profiles that allow you to modify multiple profile settings at once:
Enter View Name.
Specify Filter Criteria.
Select Columns to Display.
Now that the profile view has been created, we can select multiple profiles to manage all at once, as shown in the following screenshot:
You can display multiple lists of profiles that can be selected and actioned, as shown in the following screenshot:
You can also modify multiple profile selection to apply the setting to all the profiles, as shown in the following screenshot:
The Enable Enhanced Profile User Interface option allows you to enable the Enhanced Profile User Interface, which then offers the following features to help you:
Find permissions and settings: Here, you can start typing a specific permission or setting name in the Find Settings box, and then choose from a list of matching results
Edit profile properties: Here, you can change the name or description of a profile
Assigned Users: Find out who belongs to a profile by clicking on the Assigned Users button to see a list
Browse permissions and settings, for both, app and system properties: Here,app-related system permissions and settings are grouped on individual pages, where the profile overview page provides a descriptions and links
This option enables the use of the Force.com Streaming API in your organization. The Streaming API provides near real-time streams of data from the Force.com platform. You can create topics to which applications can subscribe and receive asynchronous notifications of changes to data in Force.com.
This option is a feature of the Streaming API; when enabled, it results in the dynamic creation of streaming channels when clients subscribe (if the channel has yet to be created).
This option allows you to set audit fields (such as record creation date) that are read-only by default when records are created using the Salesforce API. you can create records through using tools such as the Data Loader, which is a client application that makes use of the Salesforce API. This setting also allows you to update records that have inactive owners.
Available since the Winter '16 release, this setting makes it easier to migrate historic data to Salesforce and mass-update records not owned by active users. Previously, you needed to contact Salesforce Support to temporarily allow these features. When this option is enabled, it results in two new System Permissions being available in Profiles and Permission Sets that can be assigned to users.
Select the Enable Custom Object Truncate checkbox to activate truncating custom objects, which permanently removes all of the records from a custom object while keeping the object and its metadata intact for future use.
When this option is enabled, a Truncate button appears in the list of edit buttons within the custom object setup page.
Truncating custom objects is a quick way to permanently delete all of the records from a custom object. Take the example of a custom object that has been created and filled with test records. When testing is complete and the test data is no longer required, you can truncate the object to remove the test records, but keep the object ready to be deployed into production. This is much quicker than batch-deleting records and having to recreate the custom object.
Truncating a custom object permanently removes all of its records, and you cannot recover the records from the Recycle Bin. A copy of the truncated object appears in the Deleted Objects list for 15 days, during which the object and its records continue to count towards the organization's data limits. The copied object and its records are then permanently deleted after 15 days.
When the Improved Setup User Interface is enabled in an organization, you might notice several differences from the original user interface.
The Setup menu is accessed from the Setup link in the upper-right corner of any Salesforce page. It is arranged into the following goal-based categories:
Administer, Build, Deploy, Monitor, and Checkout.
Personal settings, which all Salesforce users can edit, are available from a separate My Settings menu.
When enabled, this option allows you to search for Setup pages, custom profiles, permission sets, public groups, roles, and users from the sidebar search textbox within the Setup area. When the option is disabled, you can search for Setup pages only.
As you type in the sidebar Setup search box, any options that match your search term appear in the Setup menu. When you press Enter, you will be presented with a page listing any matching permission sets, custom profiles, public groups, roles, or users.
Advanced settings provides the activation of two features: activation of Extended Mail Merge and the option to Always save Extended Mail Merge documents to the Documents tab.
This option enables the Mass Mail Merge link to be available in the Tools area on the home pages for accounts, contacts, and leads.
When enabled, this option also sets single mail merges requested from the Activity History-related list on a record to be created with the
Extended Mail Merge function. The
Extended Mail Merge function is activated using a wizard comprising the following steps:
In the Tools area, click Mass Mail Merge to start the mass mail merge wizard. Choose a list view from the View drop-down list and select the records to include in the mail merge. Selecting the checkbox in the column header will select all records currently displayed on the page.
Select the types of Word documents to be generated from the multiple selections of documents, envelopes, and labels. Select the optional Log an Activity checkbox to log the creation of these mail merge documents, which adds a completed task to each record.
Select the appropriate mail merge templates. For documents, choose whether to create one Word document that includes all output or a separate Word document for each record. Click the optional Preview Template button to review the pre-loaded mail merge template.
Although the document preview is editable, do not edit it in Word as the changes will not be saved to your current mail merge request. You have to make a new mail merge template and upload this first.
With Extended Mail Merge, the mail merge operation cannot exceed 1,000 records, the selected mail merge template(s) total size cannot be greater than 1 MB, and the number of records multiplied by the combined size of the mail merge templates cannot be greater than 50 MB. Also, Extended Mail Merge is available by request from Salesforce customer support.
This option stops the sending of the mail merge documents as e-mail attachments, instead storing them in the user's personal documents folder on the Documents tab. Users are still sent e-mails as confirmation when their mail merge requests have completed, and these e-mails contain links to the documents in the Documents tab.
Salesforce.com uses custom algorithms that consider the following within searches:
The search terms
Ignored words in search terms (for example, the, to, and for)
Search term stems (for example, searching for speaking returns items with speak)
Proximity of search terms in a record
Record ownership and most recently accessed records
A user might not, therefore, have the same search results as another user performing the same search because searches are configured for the user performing the search. For example, if another user recently viewed a record, the record relevancy increases, and the record moves higher in their search results list. Records that are owned by the user also move higher in their search results. There are currently three types of search, as follows:
Let's see what they are, shall we?
From the Sidebar Search box, users can search a subset of record types and fields.
Wildcards and filters can be used to help refine the search.
A wildcard is a special character or token that can be used to substitute for any other character or characters in a string. For example, the asterisk character (*) is used to substitute zero or more characters. More information about wildcard characters can be found using the following link: http://en.wikipedia.org/wiki/Wildcard_character .
Advanced Search in the sidebar allows searching for a subset of record types in combination and offers more fields including custom fields and long text fields, such as descriptions, notes, tasks, and event comments. Wildcards and filters can be used to help refine the search.
From the Global Search box, users can search more types of records, including articles, documents, products, solutions, Chatter feeds, and groups. Users can also search more fields, including custom fields and long text fields, such as descriptions, notes, tasks, and event comments. Wildcards and filters can be used to help refine the search.
To enable Global Search, you must enable Chatter. If Global Search is enabled, Sidebar Search and Advanced Search are disabled. Global Search is not supported in Partner Portal or Customer Portal. Only users with supported browsers can use Global Search, as it has indirect dependencies on the new theme user interface.
Your search term must have two or more characters. Special characters, such as
) are not included in the character count. For example, a search for
m* will fail to return any search results.
Search terms are not case-sensitive. For example, a search for martin returns the same results as the search for
Finding phone numbers can be done by entering part or all of a number. For example, to find
(512) 757-6000, enter
6000. To search for the last seven digits, you must enter the punctuation, such as
In Chinese, Japanese, and Korean, you can find a person by entering the last name before the first name; searching for
howard trevor returns any person named Trevor Howard.
If you're using Advanced Search or Global Search, refine your search using operators such as AND, OR, and AND NOT. If you're using Advanced Search or Global Search, search for exact phrases by selecting the Exact Phrase checkbox, or by putting quotation marks around multiple keywords; for example,
"phone martin brown" returns results with phone martin brown, but not martin brown phoned or phone martina browning.
If you're using Sidebar Search, your search string is automatically treated as a phrase search. Search for partially matching terms using wildcards as follows:
Asterisks match one or more characters at the middle or end (not the beginning) of your search term. For example, a search for
brown* finds items that start with variations of the term brown, such as browning or brownlow. A search for
ma* brown finds items with martin brown or mandy brown. If you're using Sidebar Search, an asterisk (*) is automatically appended at the end of the search string
If you're using Global Search, question marks match only one character in the middle (not the beginning or end) of your search term. For example, a search for
ti?a finds items with the term tina or tika, but not tia or tinas. Fields on custom objects are only searched if you have added a custom tab for the object.
If using Sidebar Search or Advanced Search, question marks match only one character in the middle or end (not the beginning) of your search term.
There are various search options that can be customized to change the way information can be searched by your users in Salesforce. These options either present enhanced search features that are visible as a part of the user interface, or are invisible and used to optimize searching behind the scenes. The Search settings can be set by navigating to Setup | Customize | Search | Search Settings.
The following screenshot shows the search settings that are available if Chatter is not activated in your Salesforce CRM application:
By activating Chatter, the Global Search setting is automatically enabled and provides the following reduced set of options:
In the following sections, you will see how to work with various search settings:
The Limit to Items I Own option allows your users to restrict the search results to find only the records of which they are the record owner when searching in the sidebar.
This option allows users to perform a full text search of a document. When new documents are uploaded or an existing document is updated, its contents are available as search terms to retrieve the document.
This option optimizes searching for Japanese, Chinese, and Korean language sets. It affects Sidebar Search and the account search for Find Duplicates on a lead record in Sidebar Search and Global Search.
This option causes the list of records returned from a user autocomplete lookup and from a blank user lookup to be generated from the user's recently viewed user records. By not enabling this option, the dialog shows a list of recently accessed user records from across your organization.
This option creates a drop-down list in the Search section to appears, which allows users to limit searches by the type of record.
This option is used with the Articles and Article Management tabs, in the Articles tool in Case Feed, and in the Salesforce Knowledge sidebar in the Salesforce console.
This setting applies only to article searches via the API and not to article searches when using the Global Search.
When enabled, any search suggest, and searches for alternate spellings of English search terms.
This option provides the functionality whereby, users start typing search terms, the Sidebar Search displays a matching list of recently viewed records.
This option allows users to skip the search results page and navigate directly to the Record Detail page if their search produces a single result.
The Number of Search Results Displayed Per Object option allows you to configure the number of items that are returned for each object in the Search Results page. The current setting is in brackets next to each object where the new value must be between 5 and 50.
The Lookup Settings section of the Search Settings page allows you to enable enhanced Lookups and lookup auto completion for Accounts, Contacts, Users, and Custom objects.
Enhanced Lookups provides an enhanced interface for your users to sort and filter search results by any field that is available in regular search results, as shown in the following screenshot:
With Enhanced Lookups enabled, users can hide and reorganize the columns that are displayed in the results window. Enhanced Lookups returns all records that match the search criteria, and allow you to page through large sets of search results.
After enabling Enhanced Lookups, you must specify which fields users can use to filter lookup search dialog results. This is set by accessing search layouts and choosing the fields from the Lookup Dialog Fields layout.
For custom objects, this is done by navigating to Setup | Create | Objects. Choose the object you want to modify, scroll down to the Search Layouts-related list, and choose the fields from the Lookup Dialog Fields.
For Accounts, Contacts, or Users, this is done by navigating to Setup | Customize, then going to Accounts, Contacts, or Users, and then Search Layouts. Then, choose fields from Lookup Dialog Fields, as shown in the following screenshot:
Currently, only Accounts, Contacts, Events, Users, Chatter objects, and custom objects can use the enhanced lookup settings.
When the Lookup Auto-Completion option is enabled, your users are shown a dynamic list of matching, recently used records when they edit a lookup field.
You will now be presented with questions about the key features of Salesforce CRM administration (in the organization setup and global user interface areas) that have been covered in this chapter. The answers can be found at the end of the chapter.
We present four questions to verify your understanding of the user login and authentication mechanism, company profiles, fiscal years, and the user interface.
A new field-based salesperson has joined
WidgetsXYZ and started using Salesforce for the first time. You are the administrator at
WidgetsXYZ, and the salesperson is telling you that they are always prompted to activate their laptop and always use the same browser. How would you respond? (Select all that apply).
a) Verify that the Trusted IP Ranges for Salesforce have been configured correctly.
b) Verify that Login hour restrictions for Salesforce have been configured.
c) Verify that browser cookies are being stored on the salesperson's laptop correctly.
d) Explain to the salesperson that this is normal behavior and that the laptop is responding as expected.
Which settings can be modified for individual users? (Select all that apply)
b) Search settings
e) User Interface
WidgetsXYZ company has 13-week fiscal quarters made up of 4, 4, and 5 weeks instead of calendar months. What can you do to enable reports to capture activity for the correct quarter? (Select one)
a) Modify the reports to filter dates using these weekly periods.
b) Modify the Standard Fiscal Year for these weekly periods.
c) Enable Custom Fiscal Years to capture these weekly periods and revert back to Standard Fiscal Years if necessary.
d) Enable Custom Fiscal Years to capture these weekly periods and be aware that you cannot revert to Standard Fiscal Years.
Here are the answers to the four questions about user login and authentication mechanism, the company profile, fiscal years, and the user interface.
The answer is a) Verify that the Trusted IP Ranges for Salesforce have been configured correctly. Salesforce stores a cookie in the browser and activates that device, and prevents the user from being prompted for an activation code when they log in from different IP addresses. If the user has blocked cookies or is deleting them in the browser they would experience this behavior.
The answers are a) Currency, c) language, and d) Locale. They can be modified for individual users.
b) User interface and e) Search settings cannot be modified for individual users as they are global setting affecting all users.
Default locale, language, and currency are set on the company profile, but these setting can be overridden for users with the values that are set at an individual level.
The answer is d) Enable Custom Fiscal Years to capture these weekly periods and be aware that you cannot revert to Standard Fiscal Years.
Enabling custom fiscal years is not reversible and you cannot revert to standard fiscal years. You can, however, set custom fiscal years to mirror the standard fiscal year. Because fiscal quarter is based on weekly periods and not months, Standard Fiscal Years cannot accommodate reporting, which is why Custom Fiscal Years are required.
The answers are c) Hover details, d) Enhanced list views, and e) Enable Printable List Views. These are all settings within the user interface and affect all users when set.
a) Language settings and c) Time zone settings are specified on the company profile, where they provide the default values; however, users can override these and set them on their personal settings.
This chapter looked at the mechanisms in place to help manage login access to the Salesforce CRM application and how organization-wide settings can be set to determine your company-specific information within Salesforce.com.
We also looked at the options to set up and configure the look and feel of the application, along with details of the methods used to search for information in Salesforce.
Notes and tips gained from the experience of Salesforce CRM system administration were outlined to help guide and improve the implementation and understanding of these features.
Finally, we posed some questions to help clarify some of the key features of Salesforce CRM administration in the areas of organization setup and the global user interface.
Having looked at these core customization feature sets, we will now look at how profiles and sharing in Salesforce CRM govern what functionality and access permissions a user has throughout the application.