Skip to main content

Create New Users and Allow a User to Delete Accounts

Follow Along with Trail Together

Want to follow along with an expert as you work through this step? Take a look at this video, part of the Trail Together series.


(This clip starts at the 13:22 minute mark, in case you want to rewind and watch the beginning of the step again.)

Introduction

You are attending a security and data access review meeting with the CEO and the Executive team. The first item on the agenda is to ensure that all users have the appropriate object permissions for their job roles. John Wiseman, CEO, wants to ensure users have access to the objects they need to do their job, but wants to restrict the ability to delete records to just Executive Users and the Support team. Noah Larkin, VP of Services, is helping to clean up records, and needs temporary permission to delete Accounts.

Create a New Profile Without Delete Permissions

  1. From Setup, enter Profiles in the Quick Find box, and select Profiles.
  2. Click S from the alphabet picker across the top.
  3. Click Clone next to Standard Platform User.
  4. Enter Standard Profile - No Acct Delete for Profile Name.
  5. Click Save.
  6. Click Edit.
  7. Scroll down to the Standard Object Permissions section and remove the check in Delete column next to the Accounts object.
    Delete permission removed from the Accounts object.
  8. Click Save.

Set Login Access Policies and Create a New User

  1. From Setup, enter Login Access Policies in the Quick Find box, and select Login Access Policies.
  2. Select the Enabled checkbox next to Administrators Can Log in as Any User.
  3. Click Save.
  4. From Setup, enter Users in the Quick Find Box, then select Users.
  5. Click New User. Complete the new user record with these details.
    Field Value
    First Name Maya
    Last Name Lorrette
    Alias mlorr
    Email (enter your own email address)
    Username (auto-populates with your email address)
    Replace using formula: first initial + last name of user + @ + your initials + your favorite color + a number + .com
    Example: mlorrette@wbyellow678.com
    Nickname mlorrette
    Title Accounts Receivable
    Department Sales
    User License Salesforce Platform
    Profile Standard Profile - No Acct Delete
    Role Western Sales Team 
  6. Fill in her Locale settings, including time zone and language.
    Field Value
    Time Zone Pacific Time (America/Los_Angeles) 
    Note: either GMT-07:00 or GMT-08:00 depending on time of year.
    Locale English (United States)
    Language English
  7. Click Save & New. Add another user.
    Field Value
    First Name Ted
    Last Name Kim
    Alias tkim
    Email (enter your own email address)
    Username (auto-populates with your email address-replace using formula: first initial and last name of user @your initials and your favorite color.com)
    Ex: tkim@wbyellow.com
    Nickname tkim
    Title Recruiter
    Department Sales
    User License Salesforce Platform
    Profile Standard Profile - No Acct Delete
    Role Western Sales Team
  8. Next, fill in his Locale settings, including time zone and language.
    Field Value
    Time Zone Pacific Time (America/Los_Angeles) 
    Locale English (United States)
    Language English
  9. Click Save.

In a Trailhead playground, you’re limited to the number of Salesforce and Salesforce Platform licenses you have to distribute. To complete this challenge, we’re going to deactivate a few users to free up some of those licenses. Sound confusing? Don’t worry. It will all make sense in the next step. 

  1. Navigate to Users in Setup, and click Edit next to Maya Lorrette.
  2. Deselect the Active checkbox to deactivate Maya’s user license.
  3. On the warning message, click OK, then click Save.
  4. Repeat the same steps to deactivate Ted Kim.

Now that you’ve deactivated two users, you have two additional Salesforce Platform licenses available. Let’s assign them to our new users. 

  1. Select New User and fill in the details.
    Field Value
    First Name Noah
    Last Name Larkin
    Alias nlark
    Email (enter your own email address)
    Username (auto-populates with your email address-replace using formula: first initial and last name of user @your initials and your favorite color.com)
    Ex: nlarkin@wbpurple.com
    Nickname nlarkin
    Title VP Services
    Department Customer Support
    User License Salesforce Platform
    Profile Standard Profile - No Acct Delete
    Role Customer Support, International 
  2. Next, fill in his Locale settings, including time zone and language.
    Field Value
    Time Zone Pacific Time (America/Los_Angeles) 
    Locale English (United States)
    Language English
  3. Click Save & New. You have one more user to add, then you’re all set. Let’s add sales engineer, Amy Daniels.
    Field Value
    First Name Amy
    Last Name Daniels
    Alias adani
    Email (enter your own email address)
    Username (auto-populates with your email address-replace using formula: first initial and last name of user @your initials and your favorite color.com)
    Ex: adaniels@wbyellow.com
    Nickname adaniels
    Title Sales Engineer
    Department Sales
    User License Salesforce Platform
    Profile Standard Profile - No Acct Delete
    Role Western Sales Team
  4. Fill in her Locale settings, including time zone and language.
    Field Value
    Time Zone Pacific Time (America/Los_Angeles) 
    Locale English (United States)
    Language English
  5. Click Save.

Allow a User to Delete Accounts Using Permission Sets

  1. From Setup, enter Permission Sets in the Quick Find box and select Permission Sets.
  2. Click New and complete the Create screen.
    • Label: Delete Accounts
    • Description: Grants Delete Accounts permission. Note: A description is required to associate the applicable license to this permission set.
    • Select the type of users who will use this permission set: Salesforce Platform.
  3. Click Save.
  4. In the Apps section, click Object Settings and select Accounts.
  5. Click Edit and select the Delete checkbox under Object Permissions. Note: Edit and Read will be automatically checked. Object Permissions checkboxes with Read, Edit, and Delete enabled.
  6. Click Save and select Manage Assignments.
  7. Click Add Assignments and in the Action column, check the box next to Noah Larkin.
  8. Click NextAssign, and Done.

Log in as Noah Larkin to test the permission set.

  1. From Setup, search Users in the Quick Find box, and select Users.
  2. In the action column, click Login next to Noah Larkin.
  3. From the App Launcher, click Accounts. From List View picklist, select All Accounts.
  4. In the Account Name column, click GenePoint. Notice that the Delete button is now available at the top of the Account Detail page because Noah has the Account: Delete permission set.
    GenePoint account with Delete
  5. Click Log out as Noah Larkin at the top of the page. Note: If this logs you out of Salesforce, click Launch to relaunch your Trailhead Playground.

You’ve just ensured that Noah Larkin has the appropriate permissions for his role. Now it has come to your attention that some users have multiple roles within the organization. In the next step, you create a role hierarchy and assign users to their new roles.

Keep learning for
free!
Sign up for an account to continue.
What’s in it for you?
  • Get personalized recommendations for your career goals
  • Practice your skills with hands-on challenges and quizzes
  • Track and share your progress with employers
  • Connect to mentorship and career opportunities