I’ve searched around but can’t seem to find a concrete / authoritative answer to this question.
- A company has multiple Salesforce Organizations for different divisions.
- This same company has one single MS Cloud Organization (with a single AAD tenant and O365 Exchange Online)
- One of the Salesforce Organizations has enabled Lightning synch through the OAuth connector.
So, the Lightning Synch app is already nestled into AAD i.e. the configuration has already been done by an O365 Global admin and the Salesforce Lightning app has full access.
If I want to connect other Salesforce Organizations to this same AAD / O365, will I have to get the Global Admin to input the credentials for each implementation? Concretely – does each Lightning synch configuration for each individual Salesforce Organization within the same company, behave like a new integration / configuration with AAD / O365 and will all the steps have to be repeated?
Many thanks for your time!
you are connecting different instances and they will each require their own unique domain for the integration (otherwise, by doing one integration you'll allow EVERY salesforce instance to connect to your org...)
Has anyone else expereinced this issue?
A solution or some guidance would be greatly appreciated.
I checked the Security Settings in Community and CSP Security Level is set to "Allow Inline Scripts and Script Access to Whitelisted Third-party Hosts". I even tried disabling Strict CSP in Session Settings, but it didn't help either. Even if the Agent is logged in to Omnichannel, it always shows Agent Offline in Community due to this.
I have whitelisted the liveagent site, *.visualforce.com and *.force.com, but nothing seems to change anything.
I tried with the same setup in IE and it shows the Agent Online in Community. Can someone please help?
Second, after changing OWD, when I ran the Apex tests, I got this:
System.AssertException: Assertion Failed: Inside Sales users should be able to read all Opportunities but the test did not find all records. #sadtrombone: Expected: 3, Actual: 2
Since the error was saying "should be able to read all Opportunities", so I checked the View All permission on the Inside Sales profile.
Strange thing - The SB asks you to NOT to check the View All permission, but the Apex Test error indicates otherwise. And marking the View All permission, passes the Apex Tests.
Each step will be a little more in-depth than the brief summary below, but I've included links to docs, videos or knowledge articles where possible and I'd be happy to take any follow-up questions you may have. Here goes..!
1) Create two record types. Name them what you like but in my example I'll use Regular Contact and Hidden Contact. Regular Contact should be the master, so create this one first if you don't already have record types on your contact object. Take a look at https://help.salesforce.com/apex/HTViewHelpDoc?id=creating_record_types.htm&language=en_US and https://www.youtube.com/watch?v=JUFq1do07fA for guidance on creating record types. Give Standard Users (and presumably all other profiles) access to the two record types (https://help.salesforce.com/HTViewHelpDoc?id=admin_recordtype.htm&language=en_US).
2) Clone your existing contact page layout, remove the address and phone number fields from it and save it. Then under Page Layout Assignment, ensure the the new layout without these fields is selected for the Standard User and Hidden Contact profile/record type combination.Further guidance: https://help.salesforce.com/HTViewHelpDoc?id=customize_layout.htm&language=en_US, http://help.salesforce.com/apex/HTViewHelpDoc?id=customize_layoutassign.htm, https://www.youtube.com/watch?v=JUFq1do07fA.
3) EITHER manually change the record type of your specific contacts to Hidden Contact one by one (http://help.salesforce.com/HTViewHelpDoc?id=account_recordtype.htm&language=en_US) OR create some standalone workflow logic to do that for you (for example: create a new checkbox field for Hidden Contact and create a workflow rule that detects this value becoming true and forces through a field update of the record type field to a new value of Hidden Contact - https://help.salesforce.com/HTViewHelpDoc?id=workflow_defining_field_updates.htm&language=en_US).
4) Test this extensively to ensure that all use cases are satisfied. For example, check that all users can still access both types of contact, check that the Hidden Contacts are having their address and phone number fields hidden for Standard Users, check that Regular Contacts are still showing the fields for Standard Users, check that the workflow is functioning correctly to update the record type automatically when Hidden Contact is ticked.
5) When you're comfortable that all your testing has been successful (and maybe think about getting someone else to sanity-check it), move your changes to your live environment either by repeating them step-by-step in the live system or by moving some or all of the new components via a change set (https://help.salesforce.com/HTViewHelpDoc?id=changesets.htm&language=en_US).
Be sure to let us know how you get on and whether you'd like to ask any follow-up questions or share any obstacles you face along the way. Best of luck!
- I logged in as the user and confirmed the error.
- I logged in as the user and tried cloning a Postsecondary Resource, which worked.
- I reviewed the users' profile. The profile has all permissions (Read, Create, Edit, Delete, View All, Modify All) for all three objects (Postsecondary Resources, Accounts, and Contacts).
Which leads me to think, is there some custom code involved? Are you potentially overriding the New button and using a custom Visualforce page to input the PostSecondary Resource record? In which case the user might not have access to the VF page and thus receives insufficient privileges.
The 'Account' profile did not have the appropriate object and field-level security for the Account object. (Trailhead, Data Security, Control Access to Fields)
'Rating' Permission set account object field settings:
As with everythin i've got stuck on in Trailhead, I bet it's staring me in the face. Thanks in advance!
Douglas, Permission set does not need assigning for this particular challenge, only creation of the profile and permission set.
Amit, as per my post, i did clone 'read only' as an effort to get it right as that's what others did to fix the 'error', but thanks anyway.