Salesforce Certified Advanced Administrator - Part 1
4.4 (367 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
2,584 students enrolled

Salesforce Certified Advanced Administrator - Part 1

First of a Three-Course Certification Series for the Salesforce Advanced Administrator Certification - In Lightning
4.4 (367 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
2,584 students enrolled
Last updated 7/2020
English [Auto]
Current price: $139.99 Original price: $199.99 Discount: 30% off
5 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 5 hours on-demand video
  • 2 articles
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Gain an in-depth understanding of the first three knowledge areas of the Advanced Admin Exam Guide - Security and Access, Extending Custom Objects and Apps and Auditing and Monitoring
  • Learn Advanced Administrative techniques on the Salesforce Platform in Lightning Experience
  • Salesforce Administrator Certification Credential is a Pre-Requisite for the Advanced Admin Certification

We build an Asset Management App in this course.

If you have attained the Salesforce Administrator Certification, you are ready to start the journey to becoming an Advanced Administrator. Become a Salesforce Certified Advanced Administrator by enrolling in this first course of a three-course certification course series. Be sure to get the other two courses as well to complete the set!

I have taught over 110,000 students on the Salesforce platform and I want you to join me in my latest course. I have structured this course to go in-depth on the first three Knowledge Areas of the Salesforce Certified Advanced Administrator Exam Guide:

  • Security and Access

  • Extending Custom Objects and Applications

  • Auditing and Monitoring

  • The Salesforce Certified Advanced Administrator Certification has a pre-requisite that you have an active Administrator Certification on file - if you have not attained your Administrator Certification, I recommend that you first complete that certification and locate my relevant training courses for that certification via my instructor profile.

We will go in-depth on all of the core concepts and topics of the Salesforce Security Model in this course. It's a deep dive on user accounts, licenses, profiles, permission sets, profiles, roles, groups, teams, territories and more.

This course is recorded in Salesforce Lightning Experience.

And tens of  thousands of Udemy Survey ratings for my courses, the students have spoken:

"Are you learning valuable information?" 99.6% answered YES

"Are the explanations of the concepts clear?" 99.8% answered YES

"Is the instructor knowledgeable about the topic?" 99.9% answered YES

Who this course is for:
  • Anyone who has attained the Admin Certification and would like to deepen their skills on the Salesforce Platform
  • Anyone needing to learn Territory Management on the Salesforce Platform
  • Anyone desiring to attain the Salesforce Advanced Administrator Certification
Course content
Expand all 46 lectures 05:05:48
+ Security and Access
31 lectures 03:39:55

In this lesson, I provide a high-level overview of the Salesforce Security Model. 

Preview 06:18

Data access in Salesforce begins with the User. Levels of access vary based on the type of user that is logging in. It is important that you understand the different license types available in Salesforce.

You can view your organization’s licenses in Company Information via Setup.

User License Types

Profiles and permission sets provide object-level security by determining what types of data users see and whether they can edit, create, or delete records. For each object, the “View All” and “Modify All” permissions ignore sharing rules and settings, allowing administrators to quickly grant access to records associated with a given object across the organization. These permissions are often preferable alternatives to the “View All Data” and “Modify All Data” administrative permissions.


In this lesson, we look at permission sets, and profiles vs. permissions 

Permission Sets

In this lesson, we go over record and field access levels.

Record and Field Level Access
Sample Questions #1 & #3 from the Exam Guide

In this lesson, we refer to the Salesforce Security Model Diagram, and how the Org-wide defaults specify the default level of access users have to each other’s records.

Setting Organization-Wide Defaults

In this lesson, we look at the relationship between various objects, first referring to the Sales Objects ERD Diagram found within the SOAP API Developer Guide. We then use the Schema Builder to further look at the relationship types between Account, Contract, Contract, Case and Opportunity.

Controlled by Parent

A role hierarchy represents a level of data access that a user or group of users needs. The role hierarchy ensures that managers always have access to the same data as their employees, regardless of the organization-wide default settings. Role hierarchies don't have to match your organization chart exactly. Instead, each role in the hierarchy should represent a level of data access that a user or group of users needs.

Roles and the Role Hierarchy

In this lesson, we grant the ability for administrators to log in as other users in our org. We then adjust the Session Settings to unlock the Force relogin after Login-As-User setting. We also adjust Jim Doe’s profile to make him a Lightning Experience user.

Logging in as Another User

In this lesson, I place myself at the bottom of the Role Hierarchy and place Jim Doe above me as my manager.

We then demonstrate how Jim is unable to create a new Account record.

Profiles vs. Roles

Ownership-based sharing rules allow for exceptions to organization-wide default settings and the role hierarchy that give additional users access to records they don’t own. Ownership-based sharing rules are based on the record owner only.

Ownership-Based Sharing Rules

In this lesson, I create a criteria-based sharing rule. We specify that any accounts that are named Sony or have a Start Year of 2018 should be shared with the Director, Channel Sales Role and Subordinates. We also create a new ownership-based sharing rule to better fit our scenario and to replace the one we created in the previous lecture. We then adjust an account record to verify that the sharing rule worked as intended. 

Criteria-Based Sharing Rules

In this lesson, I manually share an account record with other users, after first confirming through the Sharing button that they don’t already have access through some other means.

Manual Sharing

In this lesson, we look at Team Access – specifically related to Account Teams, Opportunity Teams and Case Teams. We enable Account Teams and Opportunity Teams. We also cover how to specify default Account and Opportunity Teams. 

Teams Access

In this lesson, we go over record ownership and queues. 

Every record must be owned by a single user or a queue. The owner has access to the record, based on the Object Settings for the owner’s profile. For example, if the owner’s profile has Createand Read permission on an object, but not Editor Delete permission, the owner can create a record for the object and see the new record. However, the owner won't be able to edit or delete the record. Users higher in a hierarchy (role or territory) inherit the same data access as their subordinates for standard objects. Managers gain as much access as their subordinates. If the subordinate has read-only access, so will the manager. This access applies to records owned by users, as well as records shared with them. 

Queues help you prioritize, distribute, and assign records to teams who share workloads. Queue members and users higher in a role hierarchy can access queues from list views and take ownership of records in a queue. 

Record Ownership and Queues

In this lesson, I demo how to create a public group. 

Public Groups

In this lesson, we run the Health Check for our org. I address one of the issues listed in the report and then re-run the Health Check to see the impact on our scores.

Running the Health Check

In this lesson, I enable the Account Owner Report. We then run the report while logged in as Jim Doe. I also removed Jim Doe from my Default Account Team and also removed my Role designation on my user account to block access to my records for Jim. This was to demonstrate that although Jim does not have access to my account records and our org wide defaults are set to private on the Account object, Jim is able to see limited details about the accounts in our org, such as account name, owner and last updated date.

Account Owner Report
Communities’ Security Settings

In this lesson, we introduce Record Types to the Asset object. We create Record Types for Medical Equipment and Office Equipment. We discuss how Record Types are leveraged to associate Page Layouts by Profile, as well as Picklist Values that are available. In addition, we discuss how Record Types can be assigned on the Profile and a Default Record Type designated.

But we don’t stop there. We look at assigning Record Types by Permission sets. I then share a help article that contrasts the ins and outs of what happens if a user either has the Master Record Type or a Custom Record Type on their Profile and the various combinations of Record Types assigned via Permission Sets.

Record Type Security Considerations

In this lesson, we explore the use cases and functionality of Delegated Administration. Use delegated administration to assign limited admin privileges to users in your org who aren’t administrators. For example, let’s say you want the Customer Support team manager to manage users in the Support Manager role and all subordinate roles. Create a delegated admin for this purpose so that you can focus on other administration tasks.

Delegated Administration

In this lesson,  we explore the territory hierarchy and its single dimensional, additional hierarchy. Which can be structured by business units or any kind of segmentation in a hierarchical structure.

Territory Hierarchy Access Introduction

In this lesson, we go over how to enable territory management.

Enabling Territory Management

In this lesson, we look at the various security settings available under Territory Settings:

  • Account Access

  • Opportunity Access

  • Case Access

Configuring Territory Management

In this lesson we create the following Territory Models:

  • This Year

  • Next Year

Creating Territory Models

Now that we have created Territory Models, it’s time to create Territories for them. In this lesson, we create four Territories for the This Year Territory Model:

  • Western

  • Eastern

  • Northern

  • Southern

We assign each of these Territories the Type of Geographic.

Creating Territories

You can assign accounts either manually or by running Territory Assignment Rules. In this lesson, we look at the implications of both.

Assigning Accounts to Territories

In addition to accounts, users can also be assigned to multiple territories. In this lesson, we assign users to the Western and Eastern Territories in our org.

Assigning Users to Terriotories

In this lesson we learn about customer scenarios for territory management. Only one Territory Model can be active in an org.

Activating a Territory Model
+ Extending Custom Objects and Applications
8 lectures 01:06:28

In this introductory lesson, we go  over extending custom objects and applications.

Extending Custom Objects and Applications Introduction

In this lesson, we begin creating the underlying foundation for our eventual Asset Management Application. We create a Room custom object via the Schema Builder. Since custom object creation via the Schema Builder does not give you the opportunity to create a Custom Tab for your new Custom Object, we create one and do not associate it with any apps at this point.

Creating a Custom Object
Creating a Junction Object
Creating a Hybrid Junction Object
Leveraging a Junction Object Across Multiple Record Types
Assigning an Asset to a User via the Hybrid Junction Object
Considerations for Relationships
Creating the Asset Management App
+ Auditing and Monitoring
7 lectures 19:24

In this introductory lesson, I prepare you for the topics included in this Knowledge Area of the course.

Auditing and Monitoring Introduction
View Setup Audit Trail
Email Log
Debug Log
Event Monitoring
Session Management
Bonuses - Free Courses and Coupons