We are preparing to deploy My Domain in our org, but wanted to confirm the following items before doing so.

1) We currently use SAML SSO / Federated SSO via ADFS. When we deploy My Domain, per this article (https://help.salesforce.com/articleView?id=000003861&language=en_US&type=1) we will be able to restrict users from logging in using the standard salesforce login (login.salesforce.com), correct? I'm finding contradictory information, though. Per this article (https://help.salesforce.com/articleView?id=faq_domain_name_sso.htm&type=5), it states that "the Salesforce SAML endpoint (login.salesforce.com) continues to work for SAML and OAUTH requests, even if your org deploys My Domain and selects Prevent login from login.salesforce.com in the My Domain Settings."

2) If the answer is yes to #1 and backdoor access is needed, we can use login.salesforce.com/?login or our mydomain URL of inxpo.my.salesforce.com/?login, correct?

3) If yes to #1 and #2, what will the user experience be for the mydomain customizable login page using SAML SSO / Federated SSO? 

Salesforce Support informed me this isn't a question for them, but rather here in the developer's community.

I would like to enable SSO for some users and restrict SSO for some user profiles and/or permission sets. For that option I have gone through the solutions provided in the web and found that the "Is Single Sign-On Enabled" option can be used to solve the problem, but in my org I could not find that option for any of the user profiles or permission sets. Where do I find that option in my org? 

We currently have SSO set up using ADFS, but I can't figure out how to force SSO on some users on not on others (i.e. admins and bot users). 

Hello,

With the recent communication to Salesforce instances using the SAML Single Sign On into Salesforce having the client certificate retired with the Winter '18 release, we wanted to ask exactly what needs to be done based on our current configuration. Please see attached screenshot. 

What do we need to do exactly?

Salesforce Support informed me this isn't a question for them, but rather here in the developer's community.

I would like to enable SSO for some users and restrict SSO for some user profiles and/or permission sets. For that option I have gone through the solutions provided in the web and found that the "Is Single Sign-On Enabled" option can be used to solve the problem, but in my org I could not find that option for any of the user profiles or permission sets. Where do I find that option in my org? 

We currently have SSO set up using ADFS, but I can't figure out how to force SSO on some users on not on others (i.e. admins and bot users). 

Does anyone have any Apex code (or ideas) that could be run prior to the web-to-lead assignment rules that would: 

 

- Query for any accounts of the same name as the "Company Name" field in the lead  

 

- Determine if it is a "named" account based on an account field 

 

- Assign the lead to the account owner OR another designated user based on the account owner (like inside sales)

 

This would be really helpful for us in situations where we have named accounts that are outside the normal lead / territory assignments.  

 

Thanks for any code, help or ideas!