User Setup & Login Process

Question 1

Explain the concept of record ownership.

Answer 1

Every record in Salesforce must have an owner. Records can be owned by either users or queues. By default, the user that creates the record is the owner. Record owner is typically used to determine responsibilities (e.g. I manage the leads that I own), reporting (I am credited for the opportunities that I own), record security (discussed in Security Model – Free), and for a variety of other purposes.

Question 2

Explain the difference between production and sandbox environments.

Answer 2

A sandbox is a copy of a production environment, commonly used for testing and development. Sandbox and production environments use different login URLs:

Production: https://login.salesforce.com
Sandbox: https://test.salesforce.com

Question 3

What are the different types of Sandboxes?

Answer 3

TYPE COPIES METADATA COPIES DATA REFRESH LIMIT DATA LIMIT

• *Developer** Yes No Daily 200MB
• *Developer Pro** Yes No Daily 1GB
• *Partial Data** Yes Partial 5 Days 5GB
• *Full** Yes Yes 29 Days Same as Production (at time of copy)

Question 4

Explain the importance of Salesforce user records.

Answer 4

An active user record is required to login to Salesforce. Records can only be assigned to an active user or a queue.

• 1 Person = 1 User = 1 User License
• Cannot be Deleted
• User name must be Unique (All Orgs)
• Record Assignment (Active User/Queue)

Question 5

What determines what a user can perform?

Answer 5

Licensing (User & Feature) and Permissions

Question 6

User Licesne Types

Answer 6

1. Salesforce (Sales and Service Cloud)
2. Salesforce Platform & Force.com (Custom Apps)
3. Chattter (Chatter)

CRM Apps & Data

• 1. Yes
• 2. Limited/None
• 3. Limited/None

Question 7

Key User Settings

Answer 7

Licsensing - What security they can be granted (User License; Feature License)

Security - What the use can do (Role; Profile)

Localization - How information is displayed to the user (Locale; Language; Time Zone; Currency)

Question 8

Explain the difference between deactivating and freezing a user account.

Answer 8

Freezing a user account will temporarily prevent a user from logging in (e.g. during a maintenance window, or if configuration prevents user deactivation), while deactivation of a user completely revokes access.

Question 9

Things to consider when deactivating a user.

Answer 9

• Deactiving a user doesn’t delete records they own. The user still owns them until they are transfer to another user.
• Chatter profile still appears, but as inactive. He is removed from other’s profiles that were following him, and followers lists.
• You cannot deactive a user if they are default owners of leads or the sole recipient of a workflow email alert.
• A deactivated user doesn’t count against your organization’s available user licenses. However, deactivating a user doesn’t reduce the number of licenses for which your organization is billed; you must change your organization’s license count to change your billing.
  *

Question 10

Freezing User Accounts

Answer 10

• To prevent users from logging into your organization while you perform the steps to deactivate them, you can freeze user accounts.
• Freezing user accounts doesn’t make their user licenses available for use in your organization. You must deactivate user accounts to make their user licenses available.

Question 11

Describe Queues

(Setup > Manage Users > Queues)

Answer 11

• Queues help your teams manage leads, orders, cases, service contracts, and custom objects.
• Once records are placed in a queue manually or through an automatic case or lead assignment rule, records remain there until they’re assigned to a user or taken by one of the queue members.
• Examples: Lead queues, Case queues, Knowledge article version queues, Service contract queues, Custom object queues.

Question 12

Explain the difference between user and feature licenses.

Answer 12

• Every user must be assigned one (and only one) user license. This is their primary license.
• Users can also optionally be assigned one or more feature licenses. ___________________________
• Standard User Licenses
• Chatter User Licenses (External, Free and Only (plus))
• Communities (All external: Customer, Customer Plus & Partner)
• Service Cloud Portals
• Sites and Site.com (Guest or Site only users)
• Authenticated Website (used with Force.com sites)

Question 13

Explain how licensing influences what actions a user can perform

Answer 13

• The combination of a user’s licenses and permissions determines what functionality they can access and what actions they can perform within Salesforce.
• For instance, to create a campaign within Salesforce, the user must have the Salesforce user license, the Marketing User feature license, and the permission to create campaign records (via profile or permission set). See Security Model – Free for details.

Question 14

Explain the implications of user localization settings.

(Setup > Company Profile >Company Information)

Answer 14

• Locale: changes display of dates, times, numbers, names, and addresses.
• Language: determines which language translatable elements (UI, fields, etc.) are displayed in to the user.
• Time zone: determines the offset used to display time references in Salesforce (similar to changing the time zone on your computer).
• Currency locale: configured org-wide unless multiple currencies is enabled. Determines the formatting of currency fields, and used to determine currency conversion when multiple currencies is enabled.

Question 15

Describe the translation capabilities of Salesforce

Answer 15

Salesforce has several tiers of language support; each supports translation to a different degree. Regardless of the language tier, custom elements (such as custom fields, objects, and picklist values) must be translated using the translation workbench.

Salesforce offers three levels of language support: fully supported languages, end-user languages, and platform-only languages. All languages are identified by a two-character language code (such as en) or a five-character locale code (such as en_AU).

Question 16

Describe the capabilities of Salesforce to manage multiple currencies.

Answer 16

• By default, Salesforce supports one currency within an org.
• Multiple currencies can be enabled by feature request, and allows for static conversion rates between currencies. As of the Winter 15 release, the “Allow Support to Activate Multiple Currencies” checkbox is exposed under setup (Company Profile –> Company Information); however, you must still raise a case with Salesforce to enable the feature after checking this box in setup.
• Once multiple currencies is enabled, advanced currency management allows for dated exchange rates (e.g. use the exchange rate at the opportunity’s close date instead of a static rate).

Question 17

Describe the different methods that can be used to authenticate to Salesforce.

Answer 17

• Website: The standard Salesforce user interface.
• API: Used for programmatic access, such as the data loader.
• Single Sign On (SSO): Not discussed.
• OAuth: Not discussed.

Question 18

• Login Method
• Login URLs
• Login Hours
• Login IP Ranges
• Trusted IP Ranges
• Computer Activation
• Security Token

Answer 18

Question 19

Login Methods and URLs

Answer 19

• Web Browser (May Require Computer Activation)
• API (Application Program Interface)
  
  • -Data Loader
  • -May require Security Token
• Single Sign On (SSO)
• OAuth (like Chatter Desktop)

URLs (whatever enviroment you are using, you must log into it)

Production (https:login.salesforce.com)

Sandbox (https:test.salesforce.com)

Question 20

Login Hours & IP Ranges

(Setup>Manage Users>Profiles>edit)

Answer 20

Hours

• Prevent loging Exect for Specific Times
  
  • Prevent login during non-working hours
  • Prevent login during maintenance

IP Ranges

• Prevent loging Except for Specific IP Addresses
  
  • Prevent login from home
  • Prevent login without VPN connection

Question 21

When is Computer Activation Required?

Answer 21

Required when Login Identity NOT confirmed

• Login from Trusted IP Range
• User Previous Login from Browser (Cookie)
• User Previous Login from Current IP Address

Question 22

What is a Security Token?

(Your Name>My Settings>Reset My Security Token)

Answer 22

String Attached to the End of Password

Required for Login via API (excpet from Trusted Nextwork)

Question 23

Describe the settings an administrator controls to conditionally allow or prevent user authentication.

Answer 23

• Login IP Ranges are used to prevent login except from specific IP addresses.
• Login Hours are used to prevent login during certain hours of the day.
• The permission (profile/permission set) “API Enabled” is required for a user to authenticate via the API.

Question 24

How do you set company level IP Ranges?

Answer 24

Navitage to:

Setup>Security Controls>Network Access>New>Add new IP Addresses

** Users outside of th range are sent an activation code**

Question 25

How do you set profile level IP Ranges?

Answer 25

Naviage to: Setup\>Manage Users\>Profiles\>Select a Profile\>Login IP Ranges Section **Users outside of this range are denied access**

Question 26

How do you set profile level login hours?

Answer 26

Naviage to: Setup\>Manage Users\>Profiles\>Select a Profile\>Login Hours Section **Specified Hours are enforced**

Question 27

Describe computer activation, and under what conditions it occurs.

Answer 27

Computer activation is designed to prevent unauthorized access to Salesforce.com, particularly in the event of a hijacked username and password. Computer activation is required when all of the following conditions are **false:** * 1. The user is logging in from within a Trusted IP range. * 2. A browser cookie indicating a prior login is present. * 3. The user has logged in from the current IP address previously.

Question 28

Describe the capabilities of SMS based identity confirmation and two factor authentication.

Answer 28

Salesforce.com now offers the ability to perform identity confirmation via SMS (text message) or via email. SMS provides an additional layer of security in case email credentials are compromised. Two factor authentication refers to requiring two independent mechanisms to successfully authenticate. The most common example of this is a username/password combined with a randomly generated number (similar to computer activation - however, the randomly generated number may be generated by another system or device, and is required for every authentication).

Question 29

How to setup two step authentication.

Answer 29

Setup\>manage users\>permission sets\>create new Then SEARCH System Permissions for Two-Factor Authenitcation for User Logins Edit\>CHECK box and Save Then assign to a user User\>User Detail\>Persmission Set Assignments\>Edit\>Add Two Step\>Save Then next time the user login the user will be prompted to use Authtenicator

Question 30

Describe how to monitor computer activations.

Answer 30

To monitor and revoke activations, navigate to Setup --\> Security Controls --\> Activations.

Question 31

Describe the security token, and under what conditions it is required.

Answer 31

The security token is mechanism designed to prevent unauthorized access via the API. A user must append their security token to their password when authenticating via the API, unless they are connecting within a Trusted IP range.

Question 32

Describe the steps required to login as another user.

Answer 32

The user must grant the administrator login access. The administrator can then login as this user, which is incredibly helpful for troubleshooting purposes. My Settings\>Personal\>Grant Account Login Access After Access is granted, go to Setup\>Manage Users\>Next to the User Name is now a LOGIN link you can directly login as them w/o password.

Question 33

Describe a session, and what settings influence sessions.

Answer 33

A session is established when a user successfully logs in, and ends when a user logs out. I recommend exploring the session settings referenced in the article by navigating to Setup --\> Security Controls --\> Session Settings.

Question 34

Mary is a sales rep that travels extensively. She states that she consistently uses the same web browser on the same laptop, yet is still frequently prompted for computer activation. What could cause this to happen?

Answer 34

* This is normal and expected behavior. * ** Mary's computer's web browser is not storing cookies properly.** * The Trusted IP Ranges for Salesforce are improperly configured. * The Login IP Ranges for Salesforce are improperly configured. Correct Salesforce stores a cookie on the computer that would prevent the user from being prompted for activation when logging in from different IP addresses. If the laptop is not storing the cookies properly, then you would see this type of behavior.

Question 35

Jim is a traveling sales rep, and has just landed from a cross country flight. He views his calendar in Salesforce and notices that his calendar appointments are displaying several hours off. What is likely the cause?

Answer 35

* The locale on Jim's user record is set incorrectly. * The Salesforce org's time zone needs to be changed to reflect the change in time zone. * ** The time zone on Jim's user record needs to be updated to reflect the change in time zone.** * Jim needs to update the time zone on his laptop to reflect the change in time zone. Correct Each user has a time zone setting. The org’s default time zone sets the default time zone for new users created, it does not impact users otherwise. If the time is displaying incorrectly for a user, their time zone is most likely set incorrectly. Time elements displayed within Salesforce are independent of the computer’s time zone.

Question 36

You are the Salesforce administrator for a US-based company with a satellite office in Berlin. The Berlin office does not currently use Salesforce, but is scheduled to begin within the next few months. In order for the Berlin office to be effective, they will need to view Salesforce in German and enter currency amounts in Euros. The US office must be able to report all opportunities in US dollar amounts. A static conversion rate between USD and EUR is acceptable for launch. What do you need to consider for this implementation? (Select 3)

Answer 36

* ** Multiple currencies must be enabled prior to establishing conversion rates between currencies.** * ** Translation must be configured for custom objects, tabs, fields, and picklist values.** * ** Enabling multiple currencies will require feature activation. Feature activation can take several days to complete, and should be worked in to the project plan accordingly.** * Advanced currency management with dated exchange rates is required. Correct Translation must be configured for custom components (otherwise they are displayed in the org’s default language). Multiple currencies is required in order to support more than one currency and conversion rates. Feature activation can take several days to complete (round-trip from Salesforce support); make sure to build this into your project plans. Advanced currency management enables dated exchange rates, which is not required in this scenario.

Question 37

The VP of customer service is concerned that customer service reps can access Salesforce data from their homes. She would like to limit all customer service reps to accessing Salesforce only while they are at work. As the Salesforce administrator, what steps can you take to ensure that the customer services reps can access Salesforce only from within the company?

Answer 37

* Add the company's public IP range(s) to the list of Trusted IP Ranges. * **Add the company's public IP range(s) to the list of Login IP Ranges on the customer service reps' profile.** * Configure Login Hours on the company information page. * Add the company's public IP range(s) to the list of Trusted IP Ranges on the customer service reps' profile. Incorrect Login IP Ranges are used to prevent users from logging into Salesforce except from specified IP ranges. Specifying the public IP addresses of the company’s internet access within Login IP Ranges would therefore prevent users from accessing Salesforce outside of the company network.