25 February 2013
Permission Sets Best Practice: What's in a Name
Thinking back to the 1,023 possible combinations of job functions discussed previously, it’s easy to understand why it might be difficult to come up with a meaningful name for each profile that could be generated. However, it’s far easier to imagine coming up with 10 meaningful names for each individual job function (that is permission set). Beyond the manageability already afforded by being able to name permission sets simply, this can be further leveraged to the advantage of the administrator in some cases.
Consider organizations that make use of an external identity system such as Active Directory or LDAP. Often these systems describe not just the basics of a user (name, email, etc.), but also contain attributes that describe a user’s set of job functions within an organization. If the names or descriptions of individual permission sets contain tokens (that is uniquely identifiable strings of characters such as “#salesrep#”), then it becomes possible to easily map how attributes in one system correspond to permission sets within a salesforce organization.