Create New Users and Allow a User to Delete Accounts

Follow Along with Trail Together

Want to follow along with an expert as you work through this step? Take a look at this video, part of the Trail Together series.

Introduction

You are attending a security and data access review meeting with the CEO and the Executive team. The first item on the agenda is to ensure that all users have the appropriate object permissions for their job roles. John Wiseman, CEO, wants to ensure users have access to the objects they need to do their job, but wants to restrict the ability to delete records to just Executive Users and the Support team. Noah Larkin, VP of Services, is helping to clean up records, and needs temporary permission to delete Accounts.

Create a New Profile Without Delete Permissions

1. From Setup, enter Profiles in the Quick Find box, and select Profiles.
   
2. Click S from the alphabet picker across the top.
   
3. Click Clone next to Standard Platform User.
   
4. Enter Standard Profile - No Acct Delete for Profile Name.
   
5. Click Save.
   
6. Click Object Settings and select Accounts.
   
7. Click Edit.
   

8. Deselect Delete.
   
9. Click Save.
   

Set Login Access Policies and Create a New User

1. From Setup, enter Login Access Policies in the Quick Find box, and select Login Access Policies.
   
2. Select the Enabled checkbox next to Administrators Can Log in as Any User.
   
3. Click Save.
   
4. From Setup, enter Users in the Quick Find Box, then select Users.
   
5. Click New User. Complete the new user record with these details.
   
   • First Name: Maya
   • Last Name: Lorrette
   • Alias: mlorr
   • Email: Enter your own email address
     
   • Username: This auto-populates with your email address) Replace using formula: first initial + last name of user + @ + your initials + your favorite color + a number + .com. Example: mlorette@wbyellow678.com Nickname: mlorrette
     
   • Title: Accounts Receivable
   • Department: Sales
   • User License: Salesforce Platform
     
   • Profile: Standard Profile - No Acct Delete
     
   • Role: Western Sales Team
     
6. Fill in her Locale settings, including time zone and language.
   
   • Time Zone: Pacific Time (America/Los_Angeles) Note: either GMT-07:00 or GMT-08:00 depending on time of year.
     
   • Locale: English (United States)
     
   • Language: English
     
7. Click Save & New. Add another user.
   
   • First Name: Ted
   • Last Name: Kim
   • Alias: tkim
   • Email: Enter your own email address
     
   • Username: This auto-populates with your email address) Replace using formula: first initial + last name of user + @ + your initials + your favorite color + a number + .com. Example: tkim@wbyellow55.com
     
   • Nickname: tkim
     
   • Title: Recruiter
   • Department: Sales
   • User License: Salesforce Platform
     
   • Profile: Standard Profile - No Acct Delete
     
   • Role: Western Sales Team
     
8. Next, fill in his Locale settings, including time zone and language.
   
   • Time Zone: Pacific Time (America/Los_Angeles) 
     
   • Locale: English (United States)
     
   • Language: English
     
9. Click Save.
   

In a Trailhead playground, you’re limited to the number of Salesforce and Salesforce Platform licenses you have to distribute. To complete this challenge, we’re going to deactivate a few users to free up some of those licenses. Sound confusing? Don’t worry. It will all make sense in the next step. 

1. Navigate to Users in Setup, and click Edit next to Maya Lorrette.
   
2. Deselect the Active checkbox to deactivate Maya’s user license.
   
3. On the warning message, click OK, then click Save.
   
4. Repeat the same steps to deactivate Ted Kim.
   

Now that you’ve deactivated two users, you have two additional Salesforce Platform licenses available. Let’s assign them to our new users. 

1. Select New User and fill in the details.
   

   Field	Value
   First Name	Noah
   Last Name	Larkin
   Alias	nlark
   Email	(enter your own email address)
   Username	(auto-populates with your email address-replace using formula: first initial and last name of user @your initials and your favorite color.com)Ex: nlarkin@wbpurple.com
   Nickname	nlarkin
   Title	VP Services
   Department	Customer Support
   User License	Salesforce Platform
   Profile	Standard Profile - No Acct Delete
   Role	Customer Support, International

2. Next, fill in his Locale settings, including time zone and language.

   Field	Value
   Time Zone	Pacific Time (America/Los_Angeles)
   Locale	English (United States)
   Language	English

3. Click Save & New. You have one more user to add, then you’re all set. Let’s add sales engineer, Amy Daniels.
   

   Field	Value
   First Name	Amy
   Last Name	Daniels
   Alias	adani
   Email	(enter your own email address)
   Username	(auto-populates with your email address-replace using formula: first initial and last name of user @your initials and your favorite color.com)Ex: adaniels@wbyellow.com
   Nickname	adaniels
   Title	Sales Engineer
   Department	Sales
   User License	Salesforce Platform
   Profile	Standard Profile - No Acct Delete
   Role	Western Sales Team

4. Fill in her Locale settings, including time zone and language.

   Field	Value
   Time Zone	Pacific Time (America/Los_Angeles)
   Locale	English (United States)
   Language	English

5. Click Save.
   

Allow a User to Delete Accounts Using Permission Sets

1. From Setup, enter Permission Sets in the Quick Find box and select Permission Sets.
   
2. Click New and complete the Create screen.
   

• Label: Delete Accounts
• Description: Grants Delete Accounts permission. Note: A description is required to associate the applicable license to this permission set.
  
• Select the type of users who will use this permission set: Salesforce Platform.
  

3. Click Save.
   
4. In the Apps section, click Object Settings and select Accounts.
   
5. Click Edit and select the Delete checkbox under Object Permissions. Note: Edit and Read will be automatically checked. 
   

6. Click Save and select Manage Assignments.
   
7. Click Add Assignments and in the Action column, check the box next to Noah Larkin.
   
8. Click Next, Assign, and Done.
   

Log in as Noah Larkin to test the permission set.

1. From Setup, search Users in the Quick Find box, and select Users.
   
2. In the action column, click Login next to Noah Larkin.
   
3. From the App Launcher, click Accounts. From List View picklist, select All Accounts.
   
4. In the Account Name column, click GenePoint. Notice that the Delete button is now available at the top of the Account Detail page because Noah has the Account: Delete permission set.
   

5. Click Log out as Noah Larkin at the top of the page. Note: If this logs you out of Salesforce, click Launch to relaunch your Trailhead Playground.
   

You’ve just ensured that Noah Larkin has the appropriate permissions for his role. Now it has come to your attention that some users have multiple roles within the organization. In the next step, you create a role hierarchy and assign users to their new roles.