Answers - Salesforce Trailblazer Community
Ask Search:
Joe MarsonJoe Marson 
Hi, one of my Users is unable to log into Salesforce. When I, an administrator, reset their password, they don't receive the verification code. Their email address is correct on their User record. This is in ProductionPost to Community. This user has checked their Inbox AND Junk Mail for a Verification Code. No Verification Code email from Salesforce in sight.

Has anyone else expereinced this issue?

A solution or some guidance would be greatly appreciated.
Best Answer chosen by Joe Marson
Daniel ProbertDaniel Probert
Hi Joe,

I had a similar issue recently and this article helped me resolve it.

https://help.salesforce.com/HTViewSolution?id=000198756&language=en_US

Thanks
Dan
Lakshmikanth SLakshmikanth S 
I have followed the instructions given in Trailhead and implemented Snap-ins button, Live Agent and Omni Channel in my Developer Edition org. I previously worked on the modules and had no problem with setting it up. I have also added the Live Agent button in a Lightning Community, but it always shows an error that the script resources violate the CSP settings.

User-added imageI checked the Security Settings in Community and CSP Security Level is set to "Allow Inline Scripts and Script Access to Whitelisted Third-party Hosts". I even tried disabling Strict CSP in Session Settings, but it didn't help either. Even if the Agent is logged in to Omnichannel, it always shows Agent Offline in Community due to this.

I have whitelisted the liveagent site, *.visualforce.com and *.force.com, but nothing seems to change anything.

I tried with the same setup in IE and it shows the Agent Online in Community. Can someone please help?
Best Answer chosen by Lakshmikanth S
Sarah SchneiderSarah Schneider
I had this same issue and was able to get it working by going into Communities Workspace => Settings => Security, copying the root url of the resource that is throwing the CSP error (in your screenshot above, everything up until salesforceliveagent.com), clicking 'Add Trusted Site' under Trusted Sites for Scripts, and pasting the root url into the Trusted Site URL field. Then save / publish / refresh, now livechat is working for me.
Darshana PawarDarshana Pawar 
The sharing rule that shares Opportunities owned by Field Sales users with Inside Sales users does not appear to be setup correctly.
Best Answer chosen by Jayson (salesforce.com) 
Narender SinghNarender Singh
So first, you hadn't set the OWD of Opportunity object to Private. It was Public Read/Write.

Second, after changing OWD, when I ran the Apex tests, I got this:
System.AssertException: Assertion Failed: Inside Sales users should be able to read all Opportunities but the test did not find all records. #sadtrombone: Expected: 3, Actual: 2

Since the error was saying "should be able to read all Opportunities", so I checked the View All permission on the Inside Sales profile.

And done.

Strange thing - The SB asks you to NOT to check the View All permission, but the Apex Test error indicates otherwise. And marking the View All permission, passes the Apex Tests.
#JustSuperbadgeThings
Best Answer chosen by Kathryn Baird
Chris EdwardsChris Edwards
Sure, Kathryn! Before we get on to the detail, my biggest, strongest, most important tip of all would be to test all of this out in your sandbox environment first before even thinking about making these changes in your live system! As you're on Enterprise Edition, you'll have a sandbox at your disposal so do use it.

Each step will be a little more in-depth than the brief summary below, but I've included links to docs, videos or knowledge articles where possible and I'd be happy to take any follow-up questions you may have. Here goes..!

1) Create two record types. Name them what you like but in my example I'll use Regular Contact and Hidden Contact. Regular Contact should be the master, so create this one first if you don't already have record types on your contact object. Take a look at https://help.salesforce.com/apex/HTViewHelpDoc?id=creating_record_types.htm&language=en_US and https://www.youtube.com/watch?v=JUFq1do07fA for guidance on creating record types. Give Standard Users (and presumably all other profiles) access to the two record types (https://help.salesforce.com/HTViewHelpDoc?id=admin_recordtype.htm&language=en_US).

2) Clone your existing contact page layout, remove the address and phone number fields from it and save it. Then under Page Layout Assignment, ensure the the new layout without these fields is selected for the Standard User and Hidden Contact profile/record type combination.Further guidance: https://help.salesforce.com/HTViewHelpDoc?id=customize_layout.htm&language=en_US, http://help.salesforce.com/apex/HTViewHelpDoc?id=customize_layoutassign.htm, https://www.youtube.com/watch?v=JUFq1do07fA.

3) EITHER manually change the record type of your specific contacts to Hidden Contact one by one (http://help.salesforce.com/HTViewHelpDoc?id=account_recordtype.htm&language=en_US) OR create some standalone workflow logic to do that for you (for example: create a new checkbox field for Hidden Contact and create a workflow rule that detects this value becoming true and forces through a field update of the record type field to a new value of Hidden Contact - https://help.salesforce.com/HTViewHelpDoc?id=workflow_defining_field_updates.htm&language=en_US).

4) Test this extensively to ensure that all use cases are satisfied. For example, check that all users can still access both types of contact, check that the Hidden Contacts are having their address and phone number fields hidden for Standard Users, check that Regular Contacts are still showing the fields for Standard Users, check that the workflow is functioning correctly to update the record type automatically when Hidden Contact is ticked. 

5) When you're comfortable that all your testing has been successful (and maybe think about getting someone else to sanity-check it), move your changes to your live environment either by repeating them step-by-step in the live system or by moving some or all of the new components via a change set (https://help.salesforce.com/HTViewHelpDoc?id=changesets.htm&language=en_US).

Be sure to let us know how you get on and whether you'd like to ask any follow-up questions or share any obstacles you face along the way. Best of luck!
Vinutha BhatVinutha Bhat 
Our Sandboxes are upgraded to Spring '19 and we noticed that users(including System Administrator ) are not able to delete any records using 'Delete' button on record detail page. I do not see any such updates in relese notes. Anyone have idea, if we are missing anything here?
Best Answer chosen by Vinutha Bhat
Christopher BarrettChristopher Barrett
The "Submit for Approval" button exhibits the same behavior too.  What is odd is that the issue seems to only occurs in Chrome and Firefox browsers in Windows. Edge on Windows works fine and so do Chrome and Safari browsers on a Mac. We opened a ticket with Salesforce Support and would urge you (and anyone else) to do the same.
Julia StewartJulia Stewart 
Problem: I've created a new custom object called "Postsecondary Resource." The object contains two lookup fields, for an account and a contact.  For one of my users, when they go to the Postsecondary Resources tab and hit "new," they get an insufficient privileges error.

Troubleshooting: 
  • I logged in as the user and confirmed the error.
  • I logged in as the user and tried cloning a Postsecondary Resource, which worked.
  • I reviewed the users' profile.  The profile has all permissions (Read, Create, Edit, Delete, View All, Modify All) for all three objects (Postsecondary Resources, Accounts, and Contacts).
Any ideas?  I don't understand how it could be related to sharing rules, since the user is trying to create a NEW record, not modify any existing record.
Best Answer chosen by Julia Stewart
Will UlmerWill Ulmer
Julia, I would tend to agree with you about sharing rules b/c you are trying to create a new record, which is normally owned by the creator. The OWD for the objects should not matter since you are giving "Modify All" on the profile, even if something was immediately transferring record ownership to another user upon insertion of the record. Is there anything like that?

Which leads me to think, is there some custom code involved? Are you potentially overriding the New button and using a custom Visualforce page to input the PostSecondary Resource record? In which case the user might not have access to the VF page and thus receives insufficient privileges.


 
Tristan RhodesTristan Rhodes 
I keep getting this error, and i cannot fathom why. I've trawled the forum (and google) and I beleive I've done everything in accordance with the instructions, and as per peoples interpretations. can anyone help to show me what i've done wrong please? (NOTE: Screenshots below are from copy of 'read only' profile cloned to make 'Account' profile, as forums seem to suggest this is how to do it rather than clone os 'standard user' profile as per Trailhead challenge.
Profile Object Permission
Profile Accounts Rating field permission
'Rating' Permission set account object field settings:
'Rating' Permission Set, Account object, Rating field settings

As with everythin i've got stuck on in Trailhead, I bet it's staring me in the face. Thanks in advance!

 
Best Answer chosen by Tristan Rhodes
Tristan RhodesTristan Rhodes
I repeated the challenge in a different Playground, and it worked, so there must be some quirk/error with the first playground I used.
Douglas, Permission set does not need assigning for this particular challenge, only creation of the profile and permission set.
Amit, as per my post, i did clone 'read only' as an effort to get it right as that's what others did to fix the 'error', but thanks anyway.
David ThompsonDavid Thompson 
I am trying to set up an account that can be used on a Windows 7 machine with Chrome is kiosk mode, which cannot store cookies between sessions.   Every time the user Id and password is entered the new verification code is needed.  The profile does not have Two-Factor Authenticationi required checked.   How do I stop this behavior?
Best Answer chosen by David Thompson
Harsh PatelHarsh Patel
Hello David,
Go to your user and remove its permission set.
And disconnect this like follow pic.
User-added image

Thanks,
Harsh
Jen SmithJen Smith 
I have a small set of users who shouldn't have access to post on Chatter for compliance reasons. I would ideally like Chatter to be read-only for them but it seems like the options are basically On or Off with Chatter. My next best solution is to turn it off for them entirely and I thought I could turn it off at Profile level but when I went to do this, the Chatter Internal User checkbox under profile system permissions is on and not editable. Any suggestions please?
Best Answer chosen by Jen Smith
Amnon KruviAmnon Kruvi
Hi Jen,

Out of the box, there is no way to make Chatter read-only - just on or off, as you correctly identified.
However, since Chatter comments support triggers, you could block a user from posting to chatter using very basic code.
 
trigger ChatterCommentBlock on FeedComment (before insert) {
    if (UserInfo.getProfileId() == '<profile ID>') {
        throw new StringException('You do not have correct access to post to Chatter.');
    }
}

You could, of course, modify this piece of code to work with a custom permission or a field on the user, to allow you to easily make other types of users read-only - but this will work if you need something basic.
Stephanie BoggsStephanie Boggs 
I have read all the previous posts and changed the following settings, but I have users that are still reporting that they are being logged out during an active session.

Settings:
  • Timeout Value = 2 hours
  • Disable session timeout warning popup = Unchecked (I just made this change today)
  • Lock sessions to the IP address from which they originated = Checked
  • Lock sessions to the domain in which they were first used = Checked
The most recent report was a user clicked the "New" button to create a new record. The amount of time between clicking the button and being logged out was about 6-7 minutes.

I have also prompted users to make the following browser changes:
  1. Click Settings.
  2. At the bottom, click Advanced.
  3. Select Privacy and Security | Content Settings | Cookies | Allow.
  4. Enter [*.]salesforce.com.
  5. Click Allow.
Is there anything else that I can do?
Best Answer chosen by Stephanie Boggs
Naveen DhanarajNaveen Dhanaraj
After doing all the setting changes logout and Log in salesforce,if the problem persist raise a case to salesforce support.