Ask Search:
Kate ColsonKate Colson 
I had a beast of a time making sure that my external customer users could see cases from their account in our Community Plus portal.  I did not feel that the documentation provided was clear on where I could look to see what settings were incorrect. I spent a lot of time with sharing settings, correctly setting them up per the documentation. It turned out that you must create a view in your production environment (in my situation, cases view) that was "wide open", and then use sharing rules to open up visibility to an account using sharing settings.  I'll post my documentation here. Hopefully it will save someone else 6 hours of frustration :) 
Best Answer chosen by Kate Colson
Kate ColsonKate Colson
Documentation reflects Ensuring your customers see their appropriate cases in Customer Community Plus. It is written with the assumption that you have community plus licenses and used Napili as a template provided by Salesforce. It assumes that you have already set up the community and are having problems making sure your customers only see cases from the account they are affiliated with as a Contact.


The cases shown in the Customer communities relies on a view set up in the cases object in the production instance of Salesforce. In laymen’s terms, the instance that your team uses every day.

Case View in Production Instance

The view should be “wide-open” we will use sharing settings to determine what users from each company will actually see of the cases that are contained in the view.
  1. Go to Cases -> Create New View
  2. Name the View “My Community Cases” the Unique name will be My_Community_Cases
  3. Under Specialty Filter Criteria select the radio button “All Cases”
    1. If you only want your customers to see cases that are “Open” or Cases that are of a certain status, you can use the “Filter By Additional Fields” to narrow down what the view will output.
    2. You do have the ability to have multiple case lists in Communities. This would allow you to have “Open Cases” on the Home page, and Closed cases somewhere else. If this is what you want to offer, repeat creating views using the instructions in this section.  You can use the “Save As” function to speed up the creation of the views.
    3. Decide what fields you want your customers to have the ability to view, and the order you want them to see them in. If you are using Napili, the recommended Template for those setting up a service type of community using SFDC templates, the Case list is not very wide.  There might be coding you can do to make more columns visible.  We will not get into that with this documentation. So choose the columns visible to your customers sparingly.
    4. Under Step.4  in the view set up screen, select the radio button “Visible to certain groups of users”
      1. Search “Public Groups”
      2. From the drop down pull over (Add) “All Customer Portal Users”
        1. “All Customer Portal Users is added as soon as you become Community Users by SFDC / purchase Community Licenses
      3. Save the View and take note of the Unique Name, (Item 2 in this section)

Case View in Community Builder

  1. Go to Community Builder: Setup ->Type “Communities” into the Quick Find box -> Select All Communities
  2. Select the “Builder” link from the Community you are setting up case visibility
  3. The Community will open up in Builder mode
  4. From the left had menu select the page editor (second option)
  5. If you have not already, drop the Case List Lightning Component into the page you are editing
  6. When you click on the Case List –or when you first drag and drop it into your page a small “Case List” box appears. The only * (mandatory field) is the Case Filter Name or ID.  This will default to “AllOpenCases”, this is where you need to drop in your unique case view name from “Case View Production Instance” section 2.
  7. Make sure you select “Publish” so that the changes will take affect. The community should also be active.

Sharing Settings

You are going to use sharing settings in your production environment to restrict what your external community users will be able to see in the view. There is an assumption in the below process that you have already added at least one customer contact to your community.  Salesforce creates a “Role” for those users. You are going to use this Role in sharing settings.
  1. Go to Setup-> Type Sharing Settings into the quick find box -> Select the Sharing Settings under “Security Controls”
  2. You will see the Organization-Wide Defaults.
    1. If it is not already, change the Default External Access on Accounts to “Private”
    2. Double check to make sure that the Contact standard object, the Opportunity standard object and the Case standard object are also set to Private (typically this is automatic because they are controlled by the account).
    3. If you are going to allow your customer users to view any other objects (e.g., work orders, assets, etc) also move those to private in the Default External Access.
Note: the following steps must be done every time a contact from a NEW account, an account that has not been set up for these sharing rules, is created.  There is a way to use Apex code to automate this process. However, if you are not offering visibility to cases, etc through Communities to many accounts, this step is easy and can be set up when you are setting up new accounts with the capability to have contacts use the customer community portal.
  1. Scroll down to the related list section of this page to Account Sharing Rules.
  2. Select New
  3. Use the Account Name to create a name for the Label. E.g., Customer Name Community Visibility
  4. Select “Based on Criteria”
  5. Use the Account Name field, equals, and then enter the account name for the criteria
  6. In Step 4 decide who will get to see these records.
    1. From the drop down select “Portal Roles and Subordinates”
    2. The second drop down will show you a role name that coincides with the name of the account where you ‘ve just granted access to a contact.
  7. In Step 5 decide what visibility / control they will have over Account / Contracts/ Opportunities / Cases. If anything is labeled private, the customer contacts will still not have the ability to see those records. A best practice for most orgs is “Read Only” access to Accounts and Contracts and “Read Only” or “Read/Write” access to Cases.
  8. Select Save


  1. Go to the contact that you have set up in your production instance
  2. Use the Manage External User to log in as the contact you gave access to
  3. Confirm that the user can only see records from their assigned Account
Kamalakannan SomasundaramKamalakannan Somasundaram 
I've created an object and for that i've created a record type as well ... 

What is the use for the record type and where we using it?

(i'm a begginer so have lot of questions in my mind.)

Best Answer chosen by Kamalakannan Somasundaram
Sindoora gSindoora g
Record Types are used to create different business processes.

for example : if you are working on an application that manages two business process like you want to manage accounts for two commodities A and B .

You want certain fields and picklist values on Commodity A page and different ones on Commodity B page.

You create 2 record types for  Commodity A and B for different picklist to appear on these pages and 2 pagelayouts to control the fields on A and B commodities.

you will assign record type to Page layout i.e for record type A what pagelayout should be displayed,same for B.

Now when you click on Account Tab ,you will have the option to select record type A or B .

You can also control Users who have access to record type A or B or Both in profiles.

Hope you got some idea.
Best Answer chosen by Kelly New
Geoffrey FlynnGeoffrey Flynn
Nope, this is a global setting as of now
Derhyk DoggettDerhyk Doggett 

We recently migrated from a Customer Portal to a Customer Community.
I am trying to figure out how to achieve hiding Private Cases in the Community. The Portal supported "Visible in Self-Service Portal" option and Portal users do not see those Cases.

With both the Portal and the Community active, if I login as a user with both public and private cases - in the Portal they do not see the Private Cases, in the Community they do. This is explained in the link below.

Knowing that, I am struggling on moving forward with the same functionality for the Community.
I thought making a new Case Record Type 'Private Case' and creating a workflow to update the case type when it's Private would work - but it doesn't. Eventhough the Community Profiles are not assigned that Record Type.
Unless I am missing something - it seems like the Community Shares all Account Cases with the Account contacts that are Community Enabled - regardless of Record Type access.

Any help greatly appreciated.



Best Answer chosen by Derhyk Doggett
Derhyk DoggettDerhyk Doggett
For other users that stumble upon this question.
After talk with our support and service cloud experts (our account team put us in contact with the right folks) it was determined that to support our requirements, we needed Apex sharing.

I ended up developing Apex sharing classes that were batchable and set then to run on a schedule to calculate Case sharing rules.

If someone out there is facing the same issue and needs help, feel free to post here and I can provide a bit more context.

Grant OngstadGrant Ongstad 
I created a custom report type using accounts and duplicate record items and am building a report to see the when users have been prompted about a duplicate record (account). Is there a way to see on the report when a user ignored the request? Versus when the user went through with the suggestion? I have read the documentation but have not encountered this specific flag.
Best Answer chosen by Grant Ongstad
Jeff MayJeff May
No.  You can't get 'the results' since if the User decides NOT to create a duplicate, there is no duplicate record to track the 'response' on.
Hybin JosephHybin Joseph 
Hi Guys,

I am planning to give the Marketing Cloud Email Specialist Certification in a month.Any tips on where to start also Is there a way I can get like a Trial Marketing Cloud Org so that I could practice all the stuff.I also coudnt find a Trail for this.Am I looking in the wrong place??
Best Answer chosen by Hybin Joseph
Mayank SrivastavaMayank Srivastava
I blogged about this exam's primary content and my experience a while ago:

I found the email specialist exam to be the easiest among other marketing certs (social and cloud consultant) so it shouldn't take too much time to prepare for it ( ymmv). If you focus on the topics that I listed in my post, you should be able to handle 80-90% of the exam content.

As far as a Trial org goes, you could always log a case with support asking them if it is possible to get one. My company already had one so I never had to arrange for it. To be honest, I never practiced anything hands-on and only went through the exact target documentation in theory. There isn't a trail for Marketing emails specialist content as far as I know.

Do google for other resources and make sure you skim through them before taking the exam. Good luck!
Satheeskumar ISatheeskumar I 
   I am planing to give ADM201 Exam within this week.
   As preparation alone not sufficient for the exam I need MOCK exam papers for ADM201 which will help me to clear this exam.
   If you have MOCK Exam papers for ADM201, please provide me.

Many thanks
Best Answer chosen by Moderator ( 
Matthew LambMatthew Lamb
Salinda HorrocksSalinda Horrocks 
I need to set up a profile for all of our managers to be able to edit any opportunity (despite who owns it) however they can't be allowed to delete unless they own it. I am new to salesforce and not quite sure what permissions need to be altered to do this.  Any help would be much appreciated.  
Best Answer chosen by Salinda Horrocks
Naveen DhanarajNaveen Dhanaraj
Hi salinda,
Based on your wish You can Create Permission set or profile for Managers to achieve this

If you had Existing Profile for Managers
1.)Remove Delete and Modify all Permission for Opportunity
2.)Create Permission set For Users with Existing Profile.

If you dont have Existing Profile,
Create New Profile for Managers and Give Permission for Opportunity such as Read, Create,Edit,View all.
No need of Permission set.

If you would like to give permission for the Records they own Then create "Roles"
Use This,
User-added image

Tyson JoeTyson Joe 
I have a custom Home page component called "Jail" as well as a custom link called "Get Out of Jail" in Classic.

How do I recreate this in Lightning?
Best Answer chosen by Tyson Joe
Rodrigo RochaRodrigo Rocha
I would say that to avoid creatin custom Lightning Components (code), I would edit the Home Page layout (from lightning) and add a Rich Text component.

You should be able to add URL links there.
Devon HowardDevon Howard 
I have several questions about the implications of using permission sets. I have consulted all of the help materials on this topic that are available through the Salesforce Help & Training portal. My hope is that rather than responding to these questions with SF link to knowledge articles, documentation, etc. (unless the link really does answer the questions), I will get specific answers to my questions.

Currently, we do not leverage the role hierarchy structure. We use only a few objects and set the OWD for those objects to private.  We then use profiles, sharing rules, and public groups to control object and record access. I am trying to determine whether permission sets would allow us to:
a. reduce the number of profiles we use
b. reduce the number of public groups we use

My questions are:

1. Can we use permission sets to restrict access compared to the profile settings, or only open up access from the profile baseline?

2. In this location: Permission sets > Apps > Object Settings > select the object > field permissions, does the edit permission give the permission set assignee permission to edit field values on records she has access to, but does not own? What does this edit permission do, exactly?

3. What is the relationship between public group membership and permission set assignment?  It seems to me that both grant individual users (or groups of users) access to data that they could not access based on profile alone. The way they work differently, however, is still vague to me-- even after reading the help materials on SF. What are the benefits of using each?

4. Is it possible to provide access to report and dashboard folders through permission sets? Currently, if a user building a report folder selects "this folder is accessible only by the following users"  the options to select from are role, role and subordinates, and public groups. We only use public groups from this drop down list. We would like to use permission sets instead of public groups (or roles) to grant access to report and dashboard folders. Is it possible to add permission sets to that drop down list?

Related to the above question, I tested a work around for granting access to a report folder: Permission sets > System > System Permissions > enabling create and customize reports, run reports, report builder, and manage dashboard permissions. Then, in Permission sets > Apps > Object Settings > (example custom object), I enabled access to the XYZ record type.

I assigned the permission set to a user. I then checked to see if my user with the permission set had access to the XYZ report folder. The user did not have access. I then added my user to the XYZ public group and confirmed that the XYZ public group had access to the XYZ report folder. I tested my user's access to the XYZ report folder, and my user did have access. It seems, therefore, that the only way to grant report/dashboard folder access using permission sets would be to add permission sets to the options in the "this folder is accessible only by the following users" drop down list.

Clarification on any/all of this is much appreciated!
Best Answer chosen by Devon Howard
Rebecca WhitefieldRebecca Whitefield
1. Permission sets can only grant permissions, not deny them so they can only open up access.

2. The edit permission in this location allows users to edit field values on records they have access to. Record access is determined through sharing settings.

3. The short answer is they give access to different things. As I alluded to in my answer to #2, permissions and sharing settings are two separate areas of security. Permissions determine the kinds of records users can create, read, edit or delete. Sharing settings determine which individual records users can view and edit in each object. So the difference in permission sets and public groups is that permission sets allow you to grant additional permissions to specific users, whereas public groups are used in sharing rules to grant access to specific records. 

4. To my knowledge, it is not possible to provide access to report and dashboard folders through permission sets.