Interview Questions on Profiles,Permission set,users,OWD,Roles and Sharing Rules in salesforce
1.What is Profile?
ANS: Profile contains set of permissions and access settings that controls what user can do with in the organization.
2. What are permission sets?
ANS: A set of permissions is given to the users without changing the profile.
3.What is OWD?
ANS: OWD'S are base line record level security for objects in the organization.
It is used to restrict access to data.
4.What is Roles?
ANS: A role controls the level of visibility that users have to an organization's data.
5.What is User?
ANS:The people who have authenticated username and password to login to the salesforce successfully.
6.What is Sharing Rules?
ANS:These are used to override the OWD permissions.
Sharing rules are two types
1.Based on record owner
2.Based on createria.
7.What is the role hierarchy?
ANS:Role Hierarchy states that higher hierarchy person can see lower hierarchy person records.
8.Can you override profile permissions with permission sets(i have defined some permissions in profile,i am trying to use permission sets for the same object,can i override permissions for a particular object in the permission sets over to the profile?
ANS:No. Permission Sets are used only to extend the Profile permissions. It never overrides.
9. I want to have read/write permission for User 1 and read only for User 2, how can you acheive?
ANS:Create a Permission Set with read/write and assign it to User 1.
10. I have an OWD which is read only, how all can access my data and I want to give read write access for a particular record to them, how can i do that?
ANS:All users can just Read the record.
Create a Sharing Rule to give Read/Write access with "Based on criteria" Sharing Rules.
11.What is the difference between role hierarchy and sharing rules?will both do the same permissions?
ANS:Role Hierarchy states that higher hierarchy person can see lower hierarchy person records.
Sharing Rule is used to extend Role Hierarchy.
12. Is it possible to delete the user in salesforce?
ANS:No, once we create an user in salesforce we cannot delete the user record. We can only deactivate the user record.
13.How to provide security for Meta-Data files (Schema)?
ANS:Using Profiles and Permission Sets.
13. How to give permissions to two fields for different users who belongs to different profiles?
ANS:Permission set
14. How many users are there in your project salesforce instance?
ANS:1000 (It will depends upon the number of licenses taken by the client, it will be like upto 4000 like that based on the client)
15.What is Grant Access Using Hierarchies?
ANS:In OWD we have Private but your higher position persons should see that time we go for Grant Access Using Hierarchies.
16. How we can change the Grant access using role hierarchy for standard objects?
ANS:Not possible.
17.What is manual sharing?
ANS:Manual sharing is to share a record to a particular user manually.
Go to detail page of record and click on manual sharing button and assign that record to other user with Read or Read/Write access.
Manual Sharing button enables only when OWD is private to that object.
18.Can you tell the difference between Profile and Roles?
ANS:Profiles are used for Object level access settings.
Roles are used for Record level access settings.
Organisation wide default sets the default access for objects, for example OWD set as private would mean that only the owner of the record can access the record. One way to grant additional access of these records to other users is through roles i.e users higher in role hierarchy would get the access of records owned by users lower in hierarchy. Other way is by writing sharing rules, wherein we can specify the logic to decide which record should be shared and with what role user. We can specify against custom objects whether the records should be shared using role hierarchy or not but this is default set for standard objects and cannot be changed. That is, standard object records will always be shared according to role hierarchy. Defining role for users is not a mandatory thing, however not defining role for a user could affect the data shown on opportunity and other reports for that user.
ANS: Profile contains set of permissions and access settings that controls what user can do with in the organization.
2. What are permission sets?
ANS: A set of permissions is given to the users without changing the profile.
3.What is OWD?
ANS: OWD'S are base line record level security for objects in the organization.
It is used to restrict access to data.
4.What is Roles?
ANS: A role controls the level of visibility that users have to an organization's data.
5.What is User?
ANS:The people who have authenticated username and password to login to the salesforce successfully.
6.What is Sharing Rules?
ANS:These are used to override the OWD permissions.
Sharing rules are two types
1.Based on record owner
2.Based on createria.
7.What is the role hierarchy?
ANS:Role Hierarchy states that higher hierarchy person can see lower hierarchy person records.
8.Can you override profile permissions with permission sets(i have defined some permissions in profile,i am trying to use permission sets for the same object,can i override permissions for a particular object in the permission sets over to the profile?
ANS:No. Permission Sets are used only to extend the Profile permissions. It never overrides.
9. I want to have read/write permission for User 1 and read only for User 2, how can you acheive?
ANS:Create a Permission Set with read/write and assign it to User 1.
10. I have an OWD which is read only, how all can access my data and I want to give read write access for a particular record to them, how can i do that?
ANS:All users can just Read the record.
Create a Sharing Rule to give Read/Write access with "Based on criteria" Sharing Rules.
11.What is the difference between role hierarchy and sharing rules?will both do the same permissions?
ANS:Role Hierarchy states that higher hierarchy person can see lower hierarchy person records.
Sharing Rule is used to extend Role Hierarchy.
12. Is it possible to delete the user in salesforce?
ANS:No, once we create an user in salesforce we cannot delete the user record. We can only deactivate the user record.
13.How to provide security for Meta-Data files (Schema)?
ANS:Using Profiles and Permission Sets.
13. How to give permissions to two fields for different users who belongs to different profiles?
ANS:Permission set
14. How many users are there in your project salesforce instance?
ANS:1000 (It will depends upon the number of licenses taken by the client, it will be like upto 4000 like that based on the client)
15.What is Grant Access Using Hierarchies?
ANS:In OWD we have Private but your higher position persons should see that time we go for Grant Access Using Hierarchies.
16. How we can change the Grant access using role hierarchy for standard objects?
ANS:Not possible.
17.What is manual sharing?
ANS:Manual sharing is to share a record to a particular user manually.
Go to detail page of record and click on manual sharing button and assign that record to other user with Read or Read/Write access.
Manual Sharing button enables only when OWD is private to that object.
18.Can you tell the difference between Profile and Roles?
ANS:Profiles are used for Object level access settings.
Roles are used for Record level access settings.
What is the Difference between Roles and Profiles in salesforce?
Roles
In salesforce, roles are defined so as to increase the data visibility a particular user has. The data visibility can be increased using sharing rules or by building role hierarchy. Role hierarchy allows the user sitting in higher level have access of records owned by users having role lower in hierarchy. It is not mandatory that a user should have a role.
Organisation wide default sets the default access for objects, for example OWD set as private would mean that only the owner of the record can access the record. One way to grant additional access of these records to other users is through roles i.e users higher in role hierarchy would get the access of records owned by users lower in hierarchy. Other way is by writing sharing rules, wherein we can specify the logic to decide which record should be shared and with what role user. We can specify against custom objects whether the records should be shared using role hierarchy or not but this is default set for standard objects and cannot be changed. That is, standard object records will always be shared according to role hierarchy. Defining role for users is not a mandatory thing, however not defining role for a user could affect the data shown on opportunity and other reports for that user.
Summarizing the points for role,
1. Role controls the level of record access user has
2. Helps extend the OWD settings for different objects
3. Sharing rules can be written to share records with particular role and subordinates
4. Defining role for user is not mandatory.
Profiles
Unlike role, profile is mandatory for every user in salesforce. You cannot have a user without a profile. It is the building pillar of the entire org. Profile states the objects/field permissions and also other permissions with in the org. It defines what a user can do within the org, it states the access settings and user permissions. Profile controls following -
- Object permissions [create, delete,read, edit permissions]
- field permissions [view, edit]
- Record type permission
- Which Apps can be viewed
- Login hours can be defined
- IP address permissions
- Which tabs are visible
- Which page layouts can be viewed
- Classes, vf pages permissions
Salesforce provides some standard profiles with different set of permissions for each, we can create our own profiles to have permissions as per our requirement. New profile should be cloned from existing profile.
Difference between the two can be summarized as below
1. Role defines what user can see depending on the hierarchy(Helps in defining data visibility)
2. Profile defines what a user can do within the org(Defines various permissions)
3. Defining profile for a user is mandatory, role is not.
No comments:
Post a Comment