Setting Up Access Profiles
You can use access profiles to control access for roles, teams, and books. You can set up default profiles to specify the access levels to the records that are not owned by the user. You can set up owner profiles to specify the access levels to the records owned by the user, by the user's group, or by someone who reports to the user (if manager visibility is enabled). You can assign a single profile to multiple roles. You can add profiles by:
- Creating new profiles from scratch
- Copying existing profiles and editing their access levels.
There are two types of Access rights that you can set:
- Default Access: Sets the access levels for records not owned by the user, or by the user's group.
- Owner Access: Sets the access levels for records owned by the user, by the user's group, or by someone who reports to the user (if manager visibility is enabled).
You may decide that a group of users with a role such as Field Sales Rep may only view those records explicitly shared with them. In this case:
- Their default access would be Read-only.
- In Step 2 of the Role Management wizard, the check boxes in the Can Read All Records column would not be selected.
Before you begin. To set up access profiles at your company, your role must include the Manage Users and Access privilege.
To set up an access profile
- In the upper-right corner of any page, click the Admin global link.
- In the User Management and Access Controls section, click the User Management and Access Controls link.
- In the Access Profile Management section, click the Access Profiles link.
- In the Access Profile List, do one of the following:
- To create a new profile from scratch, click the New button on the title bar.
- To edit an existing profile, click the Edit link to the left of the profile name.
- To create a new profile based on an existing one, click the Copy link to the left of the profile name.
The Access Profile wizard guides you through the process.
NOTE: You can use three profiles (Edit, Full and ReadOnly) to assign to Teams.
- In Step 1, Access Profile Name, provide a name and description. The remaining fields are described in the table.
Field
|
Description
|
Mark for Translation
|
Shows text fields in the languages activated for your company.
|
Grantable to Team Members
|
Profile can be assigned to team members.
|
Grantable to Book Users
|
Profile can be assigned to book users.
For more information, see the Associating Users With Books section in Setting Up Books.
|
Disabled
|
Profile cannot be assigned, but existing assignments continue to work.
|
- In Step 2, Specify Access Levels,
- Select the access level for the top-level profile. Choose from:
- Read-Only
- Read/Edit
- Read/Edit/Delete
- Most profiles have a Related Information link. Click this link to specify the access levels for related information for each record type. Related information appears on the record Detail pages as linked records. Depending on what you set in this field and in Role Management, the user is able to create, update, or view those records.
Select the access level for the related information type. Choose from:
- Read/Create
- Read/Create/Edit
- Read-Only
- Read/Edit
- Read/Edit/Delete
- Full
- No Access
About Lead Conversion Access Settings
The following table shows the minimum settings that allow users to convert leads to opportunities.
Record Type
|
Related Information
|
Default Access
|
Owner Access
|
Account
|
|
Read, Create, Edit
|
Read, Edit, Delete
|
|
Address
|
Read, Create, Edit
|
Read, Create, Edit
|
Contact
|
|
Read, Create, Edit
|
Read, Edit, Delete
|
|
Accounts
|
Read, Create
|
Read, Create
|
|
Addresses
|
Read, Create, Edit
|
Read, Create, Edit
|
Activity
|
|
Read, Edit
|
Read, Edit
|
Lead
|
|
Read, Create, Edit
|
Read, Edit, Delete
|
|
Completed Activities
|
View
|
View
|
|
Open Activities
|
View
|
View
|
Opportunity
|
|
Read, Create, Edit
|
Read, Edit, Delete
|
|
Revenue
|
Read, Create, Edit
|
Read, Create, Edit
|
|