Thursday, 25 July 2013
Thursday, 11 July 2013
Log in as Any User Without First Having Access Granted
A year ago, we released an enhancement to the Grant Login-as
screens that changed how long a user could grant access to an administrator or
salesforce.com customer support representative. Instead of being able to set an
expiration date sometime in the far away future, we began to limit it to no
longer than one year of login access.
This had a significant impact on administrators and implementation consultants alike who use the login access feature to:
This had a significant impact on administrators and implementation consultants alike who use the login access feature to:
·
troubleshoot user
issues
·
train users
·
phase in new
configurations
In the past, administrators and consultants would work around the
fact that users had the right to grant and revoke access. In some cases, they
would change a user's email to their own, reset the password, login as the
user, and grant login access indefinitely. In other cases, administrators would
just instruct their users during on-boarding to set grant login access as far
in the future as possible. Finally, some would create videos and tutorials explaining to
end-users how to grant login access. In any case, the process of granting
access could be an obstruction for administrators who just wanted to help their
users as quickly as possible.
Shortly after the release, I heard from some of our MVPs(Most Valued Players) about their difficulties trying to actively support their users.
What I learned from them is that login access is such a critical tool for administrators and consultants that providing the ability and security settings for an user to grant or revoke access was secondary to helping their users out when critical issues arise. In some situations, it is appropriate for these administrators and consultants to have login access regardless of whether their users granted it or not. In fact, because explaining the steps to grant login access could be such a time consuming exercise, administrators were resetting email addresses and passwords to do this for their users before any issue came up, which in itself is a security issue.
As a result, we developed a feature in the Summer '12 release that allows an organization to opt-in to the ability for organization administrators to login as any standard user without first having the user grant access. By having this feature enable in your organization, an administrator with Manage Users permission can then enable or disable it as it applies to them through the Login Access Policies page using an organization preference that they control. When enabled, their end-users lose the ability to grant access and administrators can automatically login as them. When disabled, their end-users can once again choose whether to grant or revoke login access to their administrators.
From a segregation of duties perspective, users with Modify All Data or Delegated Administrators can login as other users, but because Manage Users permission is required to enable the organization preference on the Login Access Policies page, these login-as proxy users cannot control whether this policy applies to all users in the organization.
If you are interested in having this feature enabled in your organization, please contact salesforce.com customer support or your account team.
Shortly after the release, I heard from some of our MVPs(Most Valued Players) about their difficulties trying to actively support their users.
What I learned from them is that login access is such a critical tool for administrators and consultants that providing the ability and security settings for an user to grant or revoke access was secondary to helping their users out when critical issues arise. In some situations, it is appropriate for these administrators and consultants to have login access regardless of whether their users granted it or not. In fact, because explaining the steps to grant login access could be such a time consuming exercise, administrators were resetting email addresses and passwords to do this for their users before any issue came up, which in itself is a security issue.
As a result, we developed a feature in the Summer '12 release that allows an organization to opt-in to the ability for organization administrators to login as any standard user without first having the user grant access. By having this feature enable in your organization, an administrator with Manage Users permission can then enable or disable it as it applies to them through the Login Access Policies page using an organization preference that they control. When enabled, their end-users lose the ability to grant access and administrators can automatically login as them. When disabled, their end-users can once again choose whether to grant or revoke login access to their administrators.
From a segregation of duties perspective, users with Modify All Data or Delegated Administrators can login as other users, but because Manage Users permission is required to enable the organization preference on the Login Access Policies page, these login-as proxy users cannot control whether this policy applies to all users in the organization.
If you are interested in having this feature enabled in your organization, please contact salesforce.com customer support or your account team.
Salesforce Interview Questions part -V updating.......
What is APEX?
It is object oriented, cloud based programming language.
1) If I am having 3 users like A,B,C IF user A having 3
records, user B having 2 records and user C having 5 records but here my requirement
is they won’t see each other’s records how can you do this?
Ans: Private
2) In field update workflow I have written a validation rule like if I am having a field it will take the input up to 99 whenever I am entering more than that it will display error message. For each time the field update it will update the value 100.intially I am take some value with in the range 99 and after that I enter 1000 then how much value will update on field?
Ans: Validation rules fire before saving the record and workflows will fire after saving the record
So value will be 100 only before saving the record it displays an error message and field containing the value for the previous record value.
3) If I am having 2 objects they dint relate each other but I want to show them in a single report so that what can be used here?
Ans: Join reports
4) If I am having a check box and beside that I am having a textbox and also having a save button here my requirement is initially text box is hidden whenever I select the checkbox and click the save button the text box will be visible so which attribute we are using initially hidden and after that visible?
Ans: By Using rendered attribute we can achieve this.
5) If I have a field in that whenever a record is saved it will update the value with 100 so which events we are used?
Ans: before events
6) what are testing best practices?
7) If a record can be created edited and deleted and in the opportunity object one record is closed then it can’t be deleted so what we can do here?
8) By using change sets can we move buttons to production?
Ans: Yes we can
9) By using change sets can u move approval process to production?
Ans: yes we can
10) diff between partner portal and customer portal?
Ans: Private
2) In field update workflow I have written a validation rule like if I am having a field it will take the input up to 99 whenever I am entering more than that it will display error message. For each time the field update it will update the value 100.intially I am take some value with in the range 99 and after that I enter 1000 then how much value will update on field?
Ans: Validation rules fire before saving the record and workflows will fire after saving the record
So value will be 100 only before saving the record it displays an error message and field containing the value for the previous record value.
3) If I am having 2 objects they dint relate each other but I want to show them in a single report so that what can be used here?
Ans: Join reports
4) If I am having a check box and beside that I am having a textbox and also having a save button here my requirement is initially text box is hidden whenever I select the checkbox and click the save button the text box will be visible so which attribute we are using initially hidden and after that visible?
Ans: By Using rendered attribute we can achieve this.
5) If I have a field in that whenever a record is saved it will update the value with 100 so which events we are used?
Ans: before events
6) what are testing best practices?
7) If a record can be created edited and deleted and in the opportunity object one record is closed then it can’t be deleted so what we can do here?
8) By using change sets can we move buttons to production?
Ans: Yes we can
9) By using change sets can u move approval process to production?
Ans: yes we can
10) diff between partner portal and customer portal?
ANS: clear
difference is that Partner Portal licenses cost more than Customer
Portal licenses
ANS2: ANS: Customer Portal is for the support of your customers (includes Cases etc. but not Opportunities) and Partner Portal is for your Partners so that you can effectively manage your channels sales (contains Opportunities and only top Partner license has Cases).
ANS2: ANS: Customer Portal is for the support of your customers (includes Cases etc. but not Opportunities) and Partner Portal is for your Partners so that you can effectively manage your channels sales (contains Opportunities and only top Partner license has Cases).
11)what are the objects used in partner portal?
In addition to custom objects, the following tabs can be displayed in the partner portal:
Accounts
Answers
Articles
(requires Salesforce Knowledge
Cases
Contacts
Documents
Ideas
Leads
Opportunities
Entitlements
Service
contracts
Solutions
Salesforce
CRM Content tabs
Reports
12) What are the objects used in customer portal?
13) What objects cant used in partner and customer portal?****
14) In salesforce to salesforce can u subscribe campaign object?
Ans:
If you are importing CampaignMember data into Salesforce and need to set the
value for an audit field, such as CreatedDate, contact salesforce.com. Audit
fields are automatically updated during API operations unless you request to
set these fields yourself.
15) If one field is hidden by using formula field can u calculate the value is it possible?
Ans: Yes we can
16) what is the use of include attribute?
Ans: we can include one VF page in another page
17) can u display pdf in salesforce?
Ans: Yes by using renderas tag.
18) If I want to find the word rob then which one you are using soql or sosl?
Ans: sosl
19) what is metric dashboard?
20) Scenario for approval process?
15) If one field is hidden by using formula field can u calculate the value is it possible?
Ans: Yes we can
16) what is the use of include attribute?
Ans: we can include one VF page in another page
17) can u display pdf in salesforce?
Ans: Yes by using renderas tag.
18) If I want to find the word rob then which one you are using soql or sosl?
Ans: sosl
19) what is metric dashboard?
20) Scenario for approval process?
1. How
to delete a class from production?
· In xml file TAG operation by default replace update
with Delete to delete Class
2. What
is a Lead?
· Lead is the one who is interested in and filled out a
form in your website for some opportunity whom may or may not get converted in
to contact & have opportunity to become the customer
3. Time
Dependent Trigger does not work on which type of criteria????????????
· Time dependent actions aren’t executed independently,
They should execute as a batch
4. What
are different types of workflows used?
· Time dependent workflow
· Email alert
· Field update
· Defining Outbound Messages
· Creating Approval process
5. What
is difference between 15 digit Id and 18 digit Id?
a. 15 digit is case sensitive & 18 digit isn’t
6. Difference
between System Log and Debug Log?
a. System log: Contain all the system related information, anonymous APEX
execution etc
b. Debug
Logs: Contains all the debug statements and program execution related to the
user for which the debug is granted
7. What
are different collections in salesforce? What is difference between List and
set?
a. List
b. Set
c. Map
8. Will
CSS is supported in renderAs pdf?
a. No it’ll not, to get that supported put css in between
<head></head> tags
9. How
many numbers of records can be retrieved from a query?
a. 50000
10. How to work with
salesforce offline?
11. Difference between SOQL
and SOSL?
a. Test1
b. Test2
12. Why is SOSL used for?
a. Is used to retrieve the exact phrase from the data of the field
13. What are different
types of Relationships in Salesforce.com?
14. What is the Code
coverage to deploy into Production?
15. What is System.Assert()
and System.AssertEquals()?
16. What is difference
between Rendered,Rerender and renderAs?
17. What is difference
between repeat and dataList?
18. What is actionPoller?
19. What are the different
action tags used in visual force page?
20. What are the symbols
used in visual-force page?
21. What is the sequence of
execution in salesforce.com?
22. What are difference
between managed package and unmanaged package?
23. What are the URL of
sandbox and Production?
24. What is StartTest() and
StopTest()?
25. What is a Campaign?
26. What is difference
between personal account and business account?
27. Integration of
salesforce with other technologies?
28. What is Lead Convert?
29. How to give permissions
to users for a specific record?
30. What is the minimum
time to schedule a class?
31. What are different
steps in approval process?
32. What are different
types of Editions?
33. Some of the Standard objects
of salesforce.com?
34. What are the Governor
Limits? and specify it for each edition?
35. What are different
types of controllers available in Salesforce.com?
36. What is difference
between Trigger.new and Trigger.old?
37. What is Salesforce to Salesforce?
38. What are different type
of Reports?
39. What are Report types?
40. What are record types?
41. What is Data Merging in
Salesforce?
42. What are different
annotations used in salesforce, describe about them?
43. What is a view state?
44. What are difference
between Roles and Profiles?
45. What is Data Loader and
what is External Id?
46. What is difference
between sharing and without sharing?
47. How many ways we can
create a lead record?
48. What is Web-to-Lead?
49. What are web services?
50. How to synchronize
trigger which are written on same object with same type of insert or update
operations?
51. Disadvantages of
Salesforce.com?
52. How can I delete a
controller from production?
53. What is ActionSupport?
54. What is ActionSupport?
55. What is actionFunction?
56. What is reRender?
57. What is RenderAs?
58. What is Rendered?
59.
What are different types of Exceptions in salesforce?
60. How to Configure
Failure Response Settings in Email?
I. Over Email Rate Limit action
II. Deactivate Email address action
III. Deactivate Email Service action
IV. Unauthenticated Sender action
V. Unauthorized sender action
VI. Bounce Message
VII. Discard Message
VIII. Re-queue Message
61. Name some reasons DML
operations fail?
· Fields marked as required
· Custom Validation rules on object
· Triggers Logic for Validation
62. Types of Salesforce
Errors
· too many soql queries 101
· duplicate value found unknown duplicates value on
record with id
· in operator must be used with an iterable expression
· incompatible element type id for collection of sobject
· apex createddate
· collection size exceeds maximum size of 1 000
· maximum trigger depth exceeded
63. What is Record?
Records are individual instances of object, In
SF most records have its associated owners
64. What ownership is for
Child records in Master detail relationship?
· Child owners in Master detail relationship doesn’t
have owner’s, They inherit ownership from the parent record
65. Sharing Model
66. Ways a record get FULL
ACCESS?
· He might be owner
· User might be above role hierarchy
· Profile may contain “Modify all data”
67. Ways a record get READ
WRITE or READ ONLY ACCESS?
· OWD
· Role Hierarchy
· Sharing Rules
· Manual Sharing
· Apex Sharing
· “VIEW ALL” data permissions
68. Profiles control access
to objects & object field
69. Sharing Model Controls
access to records
70. OWD:
· This is Security settings that define the baseline
access to data records that you not own
· OWD can be defined for custom & Standard objects,
There are 3 levels of access settings
1. Public
Read/Write
2. Public
Read only
3. Private
71. How to determine OWD
settings
· Identify most restricted user in object
· Verify whether user can view all instances of
object
· Set OWD defaults to private, if User is not allowed to
view any object instance
· If user is allowed to view a record check whether the
user is allowed to Edit the object instances as well, If there are restrictions
set it to public read only, Else Public Read/Write
72. What is Self Service
Portal?
73. *******Best Practice
list of SOQL Query*******
Below the code that picked up from test
coverage,
List<i_term__c> termList = termList =
[SELECT Id, Name, term_begin_date__c, term_end_date__c FROM l_term__c WHERE
Name IN ('1172', '1174', '1176', '1178', '1182', '1184', '1186', '1188')];
and expecting that termList[0] = 1172, termList[1] = 1174, termList[2] = 1174 etc., but this is not true.
We cannot expect the list to be in a certain order unless it is sorted.
List<i_term__c> termList = termList = [SELECT Id, Name, term_begin_date__c, term_end_date__c FROM l_term__c WHERE Name IN ('1172', '1174', '1176', '1178', '1182', '1184', '1186', '1188') ORDER BY Name];
and expecting that termList[0] = 1172, termList[1] = 1174, termList[2] = 1174 etc., but this is not true.
We cannot expect the list to be in a certain order unless it is sorted.
List<i_term__c> termList = termList = [SELECT Id, Name, term_begin_date__c, term_end_date__c FROM l_term__c WHERE Name IN ('1172', '1174', '1176', '1178', '1182', '1184', '1186', '1188') ORDER BY Name];
74. Class is an template
for creating instances of an object
---------------------------------------------------------------------------------------------------------------------------
75. Approval Process can be build on
: Expense Reports
: Time-off request
: New Hiring Employees
: Approving New contracts & renewing them
: discounting opportunities
Automation for Workflow & Approval Process are:
1.Send Email
2.Assign Tasks
3.Update Fields
4.Web Service Messages
Key Approval Features : We have several key tools to specify
1.Multiple Approvers:- Multiple Approverscan be assigned in order we specify,
2.Approval,Reject,Recall:- Once record is submitted for approval it can be approved, rejected or recalled and later we submit i
3.Lock Records:- The associated records such as acroach can be locked to prevent changes while approval is pending
4.Email,Chatter,HomeTab:- Request can be approved/Rejected via Email,Chatter,HomeTab
75. Approval Process can be build on
: Expense Reports
: Time-off request
: New Hiring Employees
: Approving New contracts & renewing them
: discounting opportunities
Automation for Workflow & Approval Process are:
1.Send Email
2.Assign Tasks
3.Update Fields
4.Web Service Messages
Key Approval Features : We have several key tools to specify
1.Multiple Approvers:- Multiple Approverscan be assigned in order we specify,
2.Approval,Reject,Recall:- Once record is submitted for approval it can be approved, rejected or recalled and later we submit i
3.Lock Records:- The associated records such as acroach can be locked to prevent changes while approval is pending
4.Email,Chatter,HomeTab:- Request can be approved/Rejected via Email,Chatter,HomeTab
---------------------------------------------------------------------------------------------------------------------------
76.Why use Batch APEX?
77. In which condition time dependent workflow rule doesn't work?
When Evaluation Criteria says Evaluate the rule when a record is:
Created, and every time it’s edited.
---------------------------------------------------------------------------------------------------------------------------
78. How a record can be shared
This is possible if the object security settings is set to private, So that no other user has access to as to which this record is private which makes it to share to other.
---------------------------------------------------------------------------------------------------------------------------
79.
76.Why use Batch APEX?
A Batch class allows you to define a single job that can be broken up into manageable chunks that will be processed separately.
One example is if you need to make a field update to every Account in your organization. If you have 10,001 Account records in your org, this is impossible without some way of breaking it up. So in the start() method, you define the query you're going to use in this batch context: 'select Id from Account'. Then the execute() method runs, but only receives a relatively short list of records (default 200). Within the execute(), everything runs in its own transactional context, which means almost all of the governor limits only apply to that block. Thus each time execute() is run, you are allowed 150 queries and 50,000 DML rows and so on. When that execute() is complete, a new one is instantiated with the next group of 200 Accounts, with a brand new set of governor limits. Finally the finish() method wraps up any loose ends as necessary, like sending a status email.
So your batch that runs against 10,000 Accounts will actually be run in 50 separate execute() transactions, each of which only has to deal with 200 Accounts. Governor limits still apply, but only to each transaction, along with a separate set of limits for the batch as a whole.
Disadvantages of batch processing:
- It runs asynchronously, which can make it hard to troubleshoot without some coded debugging, logging, and persistent stateful reporting. It also means that it's queued to run, which may cause delays in starting.
- There's a limit of 5 batches in play at any time, which makes it tricky to start batches from triggers unless you are checking limits.
- If you need access within execute() to some large part of the full dataset being iterated, this is not available. Each execution only has access to whatever is passed to it, although you can persist class variables by implementing Database.stateful.
- There is still a (fairly large) limit on total Heap size for the entire batch run, which means that some very complex logic may run over, and need to be broken into separate batches.
77. In which condition time dependent workflow rule doesn't work?
When Evaluation Criteria says Evaluate the rule when a record is:
Created, and every time it’s edited.
---------------------------------------------------------------------------------------------------------------------------
78. How a record can be shared
This is possible if the object security settings is set to private, So that no other user has access to as to which this record is private which makes it to share to other.
---------------------------------------------------------------------------------------------------------------------------
79.
Subscribe to:
Posts (Atom)