Salesforce Certified Administrator Configuration and Setup

Configuration and Setup Detailed Explanation

This area is foundational because it sets up how Salesforce works for your organization and ensures proper security, user access, and functionality.

1. Organizational Settings

1.1 Company Information

This section defines the general details about your organization and its setup.

1. Configure Company Name, Address, and Primary Contact Information:

   • In Salesforce, every organization has a set of default company settings.
   • Navigate to Setup > Company Settings > Company Information.
   • You’ll see fields for:
     • Company Name: This is how your organization’s name will appear in Salesforce.
     • Address: Set your main office address, including city, state, and postal code.
     • Primary Contact Information: This includes the name, email, and phone number of your organization’s main contact person.

2. Set Default Language, Time Zone, and Currency Format:

   • These settings apply organization-wide unless users override them in their personal settings.
     • Language: The default language for Salesforce. Examples: English, Spanish, French.
     • Time Zone: Determines how date and time values are displayed. For example, if your company is based in New York, the default time zone could be Eastern Standard Time (EST).
     • Currency: Choose whether to use a single currency (e.g., USD) or enable multi-currency if your business operates in multiple regions.

3. Fiscal Year:

   • The fiscal year impacts reporting and business metrics. Salesforce allows you to:
     • Use the standard fiscal year, which aligns with the calendar year (January - December).
     • Configure a custom fiscal year if your fiscal periods differ (e.g., April - March).

1.2 Login and Access Management

This section focuses on controlling how and when users can access Salesforce.

1. Login IP Ranges:

   • Restrict Salesforce access to specific IP ranges (e.g., your office network).
   • Found under Setup > Profiles > Login IP Ranges.
   • Example:
     • If your office has IP ranges 192.168.0.1 - 192.168.0.255, users outside this range cannot log in.

2. Login Hours:

   • Define when users can log in based on work hours.
   • Found under Setup > Profiles > Login Hours.
   • Example:
     • Sales representatives can log in only between 9 AM and 6 PM on weekdays.

1.3 Locale Settings

Locale settings control how dates, times, numbers, and currencies are formatted.

1. Organizational Locale:

   • Configured under Setup > Company Settings > Locale.
   • It determines:
     • Date Format: MM/DD/YYYY (U.S.) or DD/MM/YYYY (Europe).
     • Time Format: 12-hour (AM/PM) or 24-hour clock.
     • Number Format: Use of commas or periods (e.g., 1,000.00 vs. 1.000,00).
     • Currency Symbol Placement: Before or after the number.

2. User Locale:

   • Users can override the organizational locale settings in their personal settings for customization.

1.4 Login Security

Securing login processes is essential to protect your organization’s data.

1. Single Sign-On (SSO):

   • Allows users to log in using credentials from an external authentication provider (e.g., Google, Microsoft Azure).
   • Benefits:
     • Users remember only one password.
     • Centralized management of login credentials.

2. Multi-Factor Authentication (MFA):

   • Adds an extra layer of security by requiring a second form of verification (e.g., a code sent to the user’s phone).
   • Found under Setup > Security > Multi-Factor Authentication.

2. User and Permission Management

2.1 User Management

Managing users involves setting up individual accounts with the necessary access and permissions.

1. Create and Activate User Accounts:

   • Navigate to Setup > Users > New User.
   • Input basic information:
     • Username: Must be unique across all Salesforce organizations.
     • Email Address: Used for login and notifications.
     • Role and Profile: Determines the user's access to data and features.
     • License: Each user consumes a license type (e.g., Salesforce, Platform).

2. Assign Users to Roles, Profiles, and Permission Sets:

   • Roles: Define what data the user can access. Example: A sales manager can view all opportunities for their team.
   • Profiles: Control the user’s permissions, such as creating or editing records.
   • Permission Sets: Extend access beyond what the user’s profile allows (e.g., granting access to a new app).

2.2 Role Hierarchies

Role hierarchies define how data access flows in your organization.

1. Set Up Role Hierarchies:
   • Found under Setup > Roles.
   • Example:
     • A CEO can access data for all departments.
     • A sales manager can access only their team’s data.
   • Use the “Grant Access Using Hierarchies” checkbox to allow users higher in the hierarchy to access data owned by those below them.

2.3 Profiles

Profiles define what users can do in Salesforce.

1. Profile Basics:

   • Found under Setup > Profiles.
   • Controls:
     • Object Access: Which objects the user can view, edit, create, or delete.
     • Field-Level Security: Which fields are visible or editable.
     • Page Layouts: Customizes how records appear to users.

2. Types of Profiles:

   • Standard Profiles: Default profiles provided by Salesforce (e.g., System Administrator, Standard User).
   • Custom Profiles: Profiles tailored to specific needs, such as a profile for contractors with limited access.

2.4 Permission Sets and Permission Set Groups

Permission sets extend a user’s access without changing their profile.

1. Permission Sets:

   • Found under Setup > Permission Sets.
   • Example: A user’s profile doesn’t allow access to a marketing app, but a permission set can grant it.

2. Permission Set Groups:

   • Combine multiple permission sets into a single group for easier management.

2.5 Health Check

The Health Check tool identifies security risks and provides recommendations.

1. Using Health Check:

   • Found under Setup > Security > Health Check.
   • Compares your organization’s security settings against Salesforce’s recommended baseline.
   • Scores your security posture as a percentage (e.g., 85%).

2. Optimize Security Settings:

   • Adjust weak settings, such as password complexity or session timeouts.

Summary

This detailed breakdown of Configuration and Setup focuses on setting up your Salesforce environment securely and efficiently. For a beginner, understanding these foundational elements is crucial, as they impact how your organization operates and how users interact with the system.

Configuration and Setup (Additional Content)

1. Organizational Settings

Organizational settings define the global configurations that impact how Salesforce operates for an organization. This includes business hours, holidays, and company-wide preferences.

Business Hours

• Definition: Business Hours in Salesforce define the working hours of an organization, which impacts automation features like Escalation Rules and Service Level Agreements (SLAs).
• Use Case: If a company operates from 9 AM to 5 PM, any cases created outside of these hours will be escalated the next business day.
• Configuration Path:
  Setup > Business Hours > New Business Hours
• Example: A global company can set different business hours for their U.S. support team (EST time zone) and Asia-Pacific support team (GMT+8 time zone).

Holidays

• Definition: Holidays define non-working days when automated processes should not be triggered.
• Use Case: If a company observes New Year's Day, it can be added as a holiday so that case escalations are paused during that day.
• Configuration Path:
  Setup > Business Hours > New Holiday
• Example: A company creates a Christmas Holiday (December 25th) so that no SLA violations occur on that day.

2. Login and Access Management

Salesforce provides multiple ways to control user login security, including IP restrictions and session timeout policies.

Trusted IP Ranges vs. Login IP Ranges

• Login IP Ranges:

  • Set at the Profile Level.
  • If a user attempts to log in outside of the assigned IP range, they are completely blocked.
  • Use Case: A company restricts sales reps to log in only from office networks (e.g., 192.168.1.1 – 192.168.1.255).
  • Configuration Path:
    Setup > Profiles > Select Profile > Login IP Ranges

• Trusted IP Ranges:

  • Set at the Organization Level.
  • Users logging in from a Trusted IP Range do not need to complete multi-factor authentication (MFA).
  • Use Case: A company whitelists its corporate network so employees don’t have to verify their identity every time they log in.
  • Configuration Path:
    Setup > Network Access > New Trusted IP Range

Session Timeout Policies

• Definition: Salesforce allows admins to set session timeouts to enhance security.
• Use Case:
  • A high-security organization (e.g., a bank) sets a 15-minute timeout.
  • A standard company sets a 2-hour timeout for convenience.
• Configuration Path:
  Setup > Session Settings > Session Timeout
• Available Options: Ranges from 15 minutes to 24 hours.

3. Locale Settings

Locale settings control regional configurations like currency, date formats, and number separators.

Currency Management (Multi-Currency)

• Definition: Salesforce allows companies to enable multiple currencies for global operations.
• Key Features:
  • Corporate Currency: The default currency for the organization.
  • User Currency: Individual users can view data in their local currency.
  • Advanced Multi-Currency: Allows different currencies for different records (e.g., USD for U.S. deals, EUR for European deals).
• Use Case:
  • A multinational company has a U.S. team using USD and a European team using EUR.
  • Salesforce automatically converts currency when viewing reports.
• Configuration Path:
  Setup > Manage Currencies > Enable Multiple Currencies

4. User and Permission Management

Managing users and permissions efficiently is critical for security and productivity.

Delegated Administration

• Definition: Allows assigning specific admin privileges to users without granting full administrator rights.
• Use Case:
  • A Sales Manager can create users and reset passwords for sales reps but cannot modify security settings.
  • The IT team can manage API access but cannot delete user accounts.
• Configuration Path:
  Setup > Delegated Administration > New Delegated Group

Login-As Feature (Admin Impersonation)

• Definition: Allows admins to log in as another user for troubleshooting and support.
• Use Case:
  • A user reports a problem with record visibility, and the admin logs in as the user to verify permissions.
• Configuration Path:
  Setup > Login Access Policies > Enable Administrator Login-As
• Security Consideration: Admins can see exactly what the user sees, but sensitive information may be exposed.

5. Role Hierarchies & Data Access

Salesforce provides multiple mechanisms to control data access beyond profiles and permissions.

Sharing Rules

• Definition: Sharing Rules allow records to be shared between different teams when the default role hierarchy does not provide access.
• Use Case:
  • The New York sales team should not see California deals, but an exception is made for strategic accounts.
• Configuration Path:
  Setup > Sharing Settings > New Sharing Rule
• Example Rule:
  • If Opportunity Amount > $500,000, share with Senior Sales Team.

Manual Sharing

• Definition: Users can manually share individual records with specific users or groups.
• Use Case:
  • A Sales Rep manually shares an opportunity with a manager who needs to review it.
• Configuration Path:
  On the Record Page > Click "Share" Button
• Limitation: Only available when Organization-Wide Default (OWD) is set to Private or Public Read-Only.

6. Health Check

Health Check is a security assessment tool that helps administrators identify vulnerabilities in their Salesforce org.

Security Alerts

• Definition: Security Alerts notify admins of critical security risks.
• Types of Alerts:
  • Weak password policies: If passwords expire too late or are too short.
  • Excessive API access: If too many external integrations are pulling sensitive data.
  • MFA enforcement: If multi-factor authentication (MFA) is not enabled.
• Configuration Path:
  Setup > Security > Health Check
• Example Use Case:
  • A finance company checks Health Check scores monthly and fixes high-risk vulnerabilities.

Summary

These additional Configuration and Setup elements ensure a more secure, scalable, and efficient Salesforce environment:

Key Enhancements

1. Business Hours & Holidays – Define when automation rules should apply.
2. Login and Access Security – Use Trusted IP Ranges and Session Timeouts to control access.
3. Multi-Currency Management – Enable Advanced Multi-Currency for international teams.
4. Delegated Administration – Grant limited admin rights to specific users.
5. Data Sharing & Role Hierarchy Enhancements – Use Sharing Rules and Manual Sharing for controlled data access.
6. Health Check & Security Alerts – Regularly monitor security risks and fix vulnerabilities.