Answers - Salesforce Trailblazer Community
Ask Search:
Ines GarciaInes Garcia 
I have seen many posts and unresolved questions on this matter. I shall then attempt to explain this simple for any users on what and how is to deal with this.

What ever connection you may use it for needs to be updated with your new certificate, simple :)
see below more on answer
Best Answer chosen by Ines Garcia
Ines GarciaInes Garcia
For example if your org uses Single Sign On or another connection (perhaps integration?) to another system that required the use of the certificate. When was the certificate created?
If you do use SSO or integration you need to create a new self-signed cert and install that on the remote system.  
Worst case scenario is that whatever connection is using that certificate will just flat stop working. (authentication or data transfer)
Do have a check to your installed packages as may use the certificate.
Can you get in contact with the people/company that gererated that cert? and ask them what they were using it for?

Here how to generate a selfcert:

So you have to update it where you use it, most common applications of these certificates are SSO and custom HTTPS domains.

For SSO have a check under Security Controls > Single Sign on Settings > SAML Single Sign-On Settings.

For other uses check the:
- HTTPS requests
- SOAP services

Kimberly DaleKimberly Dale 
 I need to review each profile and determine if they have the correct access or too much access
Best Answer chosen by Kimberly Dale
Ahilesh RagavanAhilesh Ragavan
Hello Kimberly,

Here is a useful external app : Perm Comparator

It lets you view and compare access, permissions between profiles, permission sets.

Sample compare page:
User-added image

We do not have any reports to run to view profile permissions.
Dee SriDee Sri 
Hello Trailblazers,

I am trying to provide a modify all permission without the 'Delete' access for the Account object while keeping the OWD to 'Private'.
Is this possible to achieve this by having a sharing rule with 'Read\Edit' access for all Accounts ?

Let me know your suggestions.

Thank you.
Best Answer chosen by Dee Sri
Andrew RussoAndrew Russo
easiest way if you want to share all accounts with all users is to create a sharing rule that wuld apply to the highest role in your org and all subordinates.
Tobias HaggeTobias Hagge 

When trying to send an email from a Case you are not the Case Owner off, it doesn't allow to send an email unless you have access to the Contact you select.

Now if you want to send an email and don't select any Contact (but use the additional to), it doesn't allow you to send the email due to insufficient privileges.

Any permissions that would get around this?
Best Answer chosen by Jayson ( 
Ben MervenBen Merven
Just ran into this problem. Get the user to login to salesforce in a private/incognito window and see if that fixes it. If so, then clear their browser cache and cookies and it should work.
Sankaran NepoleanSankaran Nepolean 
Sales representatives at Universal Containers need assistance from product managers when selling certain products. Product managers do not have access to opportunities, but need to gain access when they are assisting with a specific deal. How can a system administrator accomplish this?
A. Notify the product manager using opportunity update reminders.
B. Enable opportunity teams and allow users to add the product manager.
C. Use similar opportunities to show opportunities related to the product manager. D. Enable account teams and allow users to add the product manager.

This is the question from the sample paper. I'm a newbie, i couldn't understand how the answer is B.

what does 'Enable opportunity teams' mean ? && how to 'allow users to add the product manager'
Best Answer chosen by Sankaran Nepolean
Jeff MayJeff May
Congrats on starting down the certifcation path!  

Here is a link that will introduce you to Opportunity Teams: (
likhitha yelamarthylikhitha yelamarthy 
Challenge Not yet complete... here's what's wrong: 
The Inside Sales User profile does not have the correct permissions for managing List Views, Report and Dashboards.

Im getting the above error...Can anyone help me?
Best Answer chosen by likhitha yelamarthy
Mayank SrivastavaMayank Srivastava
You haven't configured the correct permissions for reports. Check thr differences below and make sure you onfigure the permissions as shown in screenshot below:

User-added image

Right click on image and open in new tab/window for a better view.

Make sure all permissions match exactly as I showed above.
Michael MorganMichael Morgan 
In preparation for Chrome 80 Cookie SameSite change, we are performing testing as outlined in KB article 000351874:

As prescribed by Chrome, went to chrome://flags in Chrome 76+ and enabled the “SameSite by default cookies” and “Cookies without SameSite must be secure” experiments.

When testing single sign-on using a Connected App with Salesforce as the SAML identity provider, the request to `*{}&RelayState={}` is unable to write a cookie due to not specifying SameSite of `None; Secure`.

Due to the above, it appears all Salesforce single sign-on using SAML within an iframe will fail once Chrome 80 with SameSite is released.
Best Answer chosen by Michael Morgan
Michael MorganMichael Morgan
Received a response from Salesforce in the Identity group that SameSite changes are coming in the Spring '20 release. See:
Mackenzie CoatsMackenzie Coats 

I'm having an issue where myself and the majority of my users in both production and even some on our community are getting kick out of Salesforce every 30 - 45 minutes. They receive the message "Your session has ended" and have the optoin to login again or 'return to the page'. If you return to the page it doesn't log you out completely, but it does refresh the page so if you were in the middle of a report or an updating a record it wipes everything (super frustrating for all invoived!). 

I can't for the life of me figure out why this is happening as our session settings are set to a full 24 hours. I also can't find any other comments about this in user groups. If anyone else has experienced this or has any ideas I would be very grateful to hear them!

User-added imageUser-added image
Best Answer chosen by Mackenzie Coats
Raju KonaRaju Kona
@Mackenzie Coats,
Try to check the first check box and see.
It wont show you the pop up message anymore. Still tehy will be logged in. 
Thank oyu
Sybille CrimetSybille Crimet 
I am an administrator with all rights to create, edit, delete and view alld data. 
I want to delete a record related to an account first from the related list of the account and secondly directly from the concerned record.

I need to update the parent record (Account) before concerned record be deleted.

I have this apex Code in my trigger : 

apex trigger code before delete
when i click on the delete standard action i still get the following error : 
There's a problem saving this record. You might not have permission to edit it, or it might have been deleted or archived. Contact your administrator for help.

here is the check i've done : 
- use of trigger.Old instead of trigger.New
- the TECH_HasMainVAT is not readonly.
- Validation Rules conditions.

Thank in advance for your help !  
Best Answer chosen by Sybille Crimet
Amnon KruviAmnon Kruvi
Hi Sybille,

The problem is probably to do with your update syntax. It should be:
update company;
instead of:

And your usage of one = sign for comparison instead of two:
if (current.Is_Main_VAT__c == true)
instead of:
if (current.Is_Main_VAT__c = true)

However, this trigger suffers from other issues and does not conform to best practices. Please consider the following:
1. It is best practice to place trigger logic outside the trigger class itself, and inside a separate handler Apex class.
2. As far as trigger operations go, always surround the logic in try/catch to make sure it doesn't block the operation if the trigger fails
3. Your trigger only takes into account the first item being deleted, and not all items, by using Trigger.old[0]. This means if two records are deleted in the same operation, your trigger will only update the first one.

I recommend reading this article ( and applying best practices to your trigger. Otherwise, you are bound to encounter further issues on production.
Kate KitchoKate Kitcho 

Does anyone know specifically what this permission entails?

User-added image

The description does not offer any clarity and I haven't been able to find anything on this externally.

Thanks in advance!
Best Answer chosen by Kate Kitcho
Tommaso BolisTommaso Bolis
Data privacy records can help you track and store your customers’ consent. That permission allow users to access information like customer's consent.

Here more info about Store Customers’ Data Privacy Preferences (