Short & quick note about Salesforce Identity product
Below are important summary about Identity Connect
It comes as add on feature with Salesforce with additional cost
Only works with Active Directory
Its only one way Sync, from Active Directory to Salesforce
We can assign profile, role and permission set to user using Identity Connect
Any changes made manually for mapped field on user record would be overwritten with next sync.
Sync from Active directory to Salesforce can be realtime or scheduled
If the user is deactivated in Active Directory then user record also gets deactivated. Identity Connect internally uses API to deactivate user. Unlike for some other SSO solutions, if user is deactivated in Active directory then they cannot login to Salesforce. However, if they already logged into mobile phone or connected app then they can still access Salesforce. This problem is resolved in Identity Connect.
Identity connect is installed on client network behind the firewall. Identity connect pushes the changes to Salesforce from client’s network.
If we want to use Identity Connect as a SSO and user wants to use Salesforce from outside company network or on mobile phone, then its login page must be accessible on internet. This can be done by installing Identity Connect on De-militarized Zone (DMZ).
Identity connect is used for User provisioning but not for Just in Time (JIT) provisioning.
We can use Identity connect as a SSO. If customer already has SSO implemented then Identity connect can only be used for user provisioning.
One Identity Connect can be used for multiple Salesforce instances however all production or all sandboxes. If you want to use Identity connect for production and Sandbox at same time, then we would need two Identity Connect, one for Sandbox and other for Production.
Identity Connect will work with only one Active Directory but it can have multiple domains in same AD.
Integrated Windows Authentication (IWA) is supported by Identity Connect using Kerberos authentication protocol. Means, if user is already logged into company provided windows system, then login screen would be bypassed and Salesforce login experience would be seem less.
Scheduled sync uses more API’s then realtime schedule. Because, Schedule sync checks for changes in all Salesforce users vs all AD users.
If you are new to Microsoft Azure, you can get free trial access however you might need to provide Credit card details to use few features. You would not get charged because we get $200 worth credit for new Account that can be used in a span of year.
I was not able to use Azure’s Active Directory SSO for Just in Time (JIT) provisioning. Rather, it connects to Salesforce and creates user whenever user is provisioned in Active Directory, just like Identity Connect
Security token is mandatory. In case if you have IP login range then we don’t get Security token. To fix this, we can divide our password to have some value in Security token. As final password anyways is Password + Security Token. Shown in below image
When we assign any user to Enterprise application (in our case its Salesforce), we need to map profile to the user.
How to use Heroku Postgres Database from any third party application or local server
Heroku is a Platform as a Service (PaaS) provided by Salesforce and one of my favorite place to jump and spin off any third party application, which can work seamlessly with Salesforce. Heroku also provides free PostgreSQL database which can be used by your application.
Sometimes you may be in need to use this cloud based free PostgreSQL database offered by Heroku in third party application or your local Server.
I was able to do it very quickly and easily and want to make sure would not forget in future, so here is the post. Complete source of this blog post can be found on my Github repository.
One important point to note here, local server must support SSL i.e. https. I have written some posts in past to show how SSL can be enabled in tomcat server or nodejs. This time I wanted to check how it can be done in Docker.
I always use Docker if I need to use Jenkins or any other server. Instead of maintaining all servers individually, it is easy and convenient to use container like docker and control servers or applications from there.
Note : Everything we are discussing here is completely covered as part of Live coding in Apex Salesforce Saturday organized by Amit. Would like to thank Mohith for his support and answers during the demo. It also shows How SalesforceDX can be used daily by developers to perform development.
Complete Source code and demo of implementing Custom Apex Adapter for Salesforce Connect
As you might already know, using Salesforce Connect, we can display external data in Salesforce without physically creating record. Before Salesforce Connect, we had few options like Visualforce, Canvas etc. There are few options available in Salesforce Connect to show data like using protocols OData 2 or OData 4, cross org adapter , custom Apex adapter etc.
There could be scenario, like you already have license for Salesforce connect and want to use it to expose external data inside Salesforce. If you think about any custom solution using Lightning component or Visualforce, there could be many considerations and most important would be displaying data on user interface.
Using Salesforce Connect in above scenario will cut down your most of effort. Your data would be exposed as External Object and you can use it just like custom object. Just imagine, how cool it would be that you would not need to write a single line of code for data presentation.
Now, here your challenge comes. It is pretty much possible that external data does not support OData protocol. And you don’t have necessary middleware tool available to perform transformation and expose it as OData. It doesn’t mean that you cannot use Salesforce Connect. One of the feature of Salesforce Connect is writing and using Custom Adapter using Apex.Continue reading “Implementing Custom Apex Adapter for Salesforce Connect”
How to create a lookup field in Salesforce External Object
This is going to be very short note for readers and pretty much possible that you already know about problem and its solution. However, lets discuss problem first.
On External Object, we do get an option to create a lookup field. It looks very straight forward first, that create a lookup field and populate value in it. Below image shows, what happens when you try to populate newly created lookup field on External Object.
Did you observed, that Lookup field on External Object does not retain any value in Salesforce? Salesforce should have given some proper error message either while creating this field or after updating record.
What is External Object in Salesforce ? This is kind of virtual object which does not exists in your Org. So, you created a field on Object which does not exists and then tried to populate it, what else you could have imagined ?
Resolution of this situation is very easy and would make lot of sense. Same solution applies to External Lookup field as well in Salesforce. All you have to do is, create a new field in Source system of type text first (length 18) and Sync your External Data Source so that new field will appear in your / destination Org. Now edit field’s data type to lookup or External lookup and it will work as expected.
Although we are doing data loading in Salesforce from ages, its very common to miss some steps or considerations. Therefore thought to list some of best practices and considerations I follow before or during data load process.
Show your hard earned badges by adding Trailhead Widget on your Website or Blog
Here it comes, Christmas goodies for Trailhead lovers. If you own WordPress, blogspot or any website, use this Trailhead widget to show and brag about all your badges. Badges, which you have earned by completing challenges on sleepless nights, on airport, during commute or over the weekends. What could be the best way to show Trailhead profile summary other than widget?
Will it impact performance of my website
Thrilling story of Salesforce Technical Architect on a quest to solve application problems and avoid governor limit errors
This is a work of fiction. Names, characters, businesses, places, events and incidents are either the products of the author’s imagination or used in a fictitious manner. Any resemblance to actual persons, living or dead, or actual events is purely coincidental.
Ha ha ha joking.. its combination of many real stories of my previous projects and few readers might be from my team itself 😉 . Leave comment my brave team mates if you are able to co-relate !!!
I tried to summaries as much as possibilities about governor limit errors and way to get out of it. Most of scenario described below may not be the first choice of Technical Architects however because of many reasons like budget, resource skill, tools available and compliance, bad decision could be taken which causes ripple effect on Salesforce scalibility.
Before start, I would encourage readers to leave comment on post and let everyone know in this suspenseful story, did you catch governor limits and Solution already before its exposed ? In this blog post, answers are mostly in invisible/white font which would not be seen until you highlight it. Its for few readers who don’t want spoilers.