Groups

What is a group?

A group is comprised of users, roles, and other groups.  There are two types of groups:  Public groups and personal groups.

Public Groups

Public groups are created and maintained by administrators, and can be referenced in org-wide configuration (such as sharing rules).

Personal Groups

Personal groups are created and maintained by users, and can only be referenced in select configuration (such as Outlook contact synchronization).

Why use public groups?

Use public groups to streamline the process of sharing access to records and folders with a collection of users.

Common use cases:

1. Sharing access to records or folders with named users (this requires a public group):

1-11-2013 1-11-07 PM

2. Sharing access to several resources to the same collection of users within specified roles.

For example, I want to share access to 2 report folders and a dashboard folder with the following roles:

1-11-2013 3-54-45 PM

I could configure the sharing criteria for 3 folders to include these roles.  Or, I could create a public group with the roles:

1-11-2013 2-54-45 PM

Then share access to each folder with the group:

1-11-2013 3-10-26 PM

Now let’s say that the “Installation & Repair Services” role should no longer have access to the folders.  With a group in place, I simply remove that role from the group.  Folder access is updated automatically.

Without a group, I would need to edit each folder separately to make the change.

Important Notes

  1. There is no way to monitor where groups are referenced (e.g. you have to view each individual report folder, sharing rules, etc.).  For this reason, make sure to have a clear documentation and usage strategy for groups (or at a minimum, a very clear naming convention).
  2. When groups are referenced in sharing rules, “Grant Access Using Hierarchies” can be extended to group access.

1-11-2013 3-34-46 PM

 

33 Responses to “Groups”

  1. ankur.pm09 April 12, 2017 at 8:36 pm #

    Hi John,

    What do you mean the second point in the note section “When groups are referenced in sharing rules, “Grant Access Using Hierarchies” can be extended to group access.” Can you explain with a usecase/ an example?

    AJ

    • JohnCoppedge April 13, 2017 at 4:42 pm #

      VP Sales & Marketing
      -Sales Manager
      –Sales Rep
      -Marketing Manager
      –Marketing User

      User A- assigned to Marketing User
      User B- assigned to Sales Rep
      User C- assigned Sales Manager

      Group X- contains User A
      Grant access via hierarchies checked

      Sharing rule: records owned by Group X shared with role Sales Rep

      User B gains access to User A’s records via sharing rule
      User C gains access to User A’s records via inheritance through group (via sharing rule)

      Without granting access via hierarchies user C would not gain access

  2. ankur.pm09 April 12, 2017 at 7:05 pm #

    Hi John,

    Could you share the steps to navigate to this page? Much appreciated.

    AJ

  3. anneverner March 2, 2017 at 5:05 pm #

    Ok, just so I understand what has been said in this thread……
    Are you saying that, using current versions of SF, that setting up Groups is not really necessary if you have Enhanced Sharing checked?

    • JohnCoppedge March 13, 2017 at 3:29 pm #

      It all depends – in the old folder sharing model you couldn’t name a user specifically, so you had to use a group. There are many cases where you will want to create a group (naming 50 users that are shared across 4 folders, for example).

  4. jesseward220 March 13, 2016 at 6:02 am #

    It’s difficult to know how to do this without guidance on what to click in SFDC. Would you mind sharing what to search for, and the clicks after that to really understand by doing?

  5. g.levy@mamacash.org February 4, 2016 at 6:12 pm #

    Hi John,

    In my org. I have a situation where I wish to provide horizontal CRE to a user who is not in the role hierarchy. The record type is an Opportunity. Should I create a Group to allow that or should I use Opportunity Team?

    Thank you,
    Gil

    • JohnCoppedge February 4, 2016 at 11:11 pm #

      Either would work- if you want to share all/most (without manually adding to each record) then I would use a sharing rule.

  6. Syed Khadri May 16, 2015 at 11:39 am #

    Dear John,
    It would be great if you could share the Path for the above images provided as for a beginner it would be difficult searching for the same. Its just a suggestion.
    For eg: I have been searching for the Point 1 path to goto that page via sharing rules & Groups but the pages are quite different than what is depicted above.
    Thanks

  7. Cloud Force March 15, 2015 at 4:28 pm #

    Hi John,

    In developer edition, “Folder Sharing” under Setup| Customize| Reports & Dashboards is not available , however; this option is available in Enterprise edition. Please clarify on this.

    Thanks.

  8. x x November 11, 2014 at 9:55 pm #

    Hi John,

    Can you please confirm public groups are required to share folders with named users?

    My SF Winter’15 allows me to pick users when I’m trying to share a report folder. Am I doing something wron or misunderstood you?

    Thank you.

    Regards,
    Petr

  9. Synthia Beauvais September 21, 2014 at 10:47 pm #

    Hi,

    This is another page that is not showing the screen shots. I had to copy and paste this page in a Word Doc.

    Thanks

    • JohnCoppedge September 27, 2014 at 10:17 pm #

      Synthia – I would recommend trying another browser, such as Chrome. I haven’t seen this reported by anyone else.

  10. Carl Herman September 3, 2014 at 3:35 pm #

    Typo:
    “such sharing rules”
    should be “such as sharing rules”

  11. Mugdha Ralegaonkar July 17, 2014 at 2:21 am #

    Saw the screenshot later. understood. Thanks!

  12. Mugdha Ralegaonkar July 17, 2014 at 2:19 am #

    Hi John,

    Could you please elaborate “When groups are referenced in sharing rules, “Grant Access Using Hierarchies” can be extended to group access.”
    group doesn’t have any hierarchy. I am sure I am not following the meaning of this sentence.

  13. Barbara Hill June 25, 2014 at 5:44 pm #

    I haven’t gotten into enough yet to know, but if this is truly a relational database, that ought to be very doable. Seems like an easy app to create for security management. I’ll be interested to see, when/if I get into the developer part of this if SF lets you do this. It’s all there, you just need to right reporting mechanisms.

  14. Michael Bechara June 5, 2014 at 6:30 pm #

    As I am going through the security access information I have been building an Excel sheet that I imagine will be useful in implementations. It will document by user their profile, permission set, OWD, Role, field level security and sharing rules for each object. The intent to arrive at a “system access report” that can be used to implement security and/or monitor security afterwards. 2 Questions: 1) Has anyone developed such a tool for use during implementations? 2) Can such a report be generated by SFDC for troubleshooting and/or audit purposes?

    • Aaron Howerton June 6, 2014 at 8:13 pm #

      I was thinking about this as well, Michael. I just completed a security review/update for a client and had to create a similar record. I’ve also found documentation difficult when implementing new apps and adjusting various settings across the org and one of my prior employers (where I first encountered Salesforce) had their own process. I keep thinking there must be some standardized forms available for administrators that helps keep this information handy beyond just searching in the environment. I guess I see all this information, the way everything seems to overlap and interrelate, and wondering if there’s any way to avoid some of the ‘gotchas’ that are inherent in this kind of work.

    • Ksenia Choate March 17, 2015 at 5:51 pm #

      Michael, your spread sheet sounds like a great way to organize security settings information for any Sf org. Is there any chance you could share the template with the rest of us? If not, no problem. Thank you!

  15. Shwetha Ram February 22, 2014 at 7:28 pm #

    Hi John
    some of the material seems to be blank on this page. The roles are not mentioned are missing information.

Leave a Reply