What information do I need to know when deploying profiles via change sets?
|Knowledge Article Number||000206563|
|Description||When including profiles in a change set, it's important to review those profiles in the target environment after deployment as not all the permissions may carry over as you might expect. Discrepancies may be due to the following special behaviors that should be taken into consideration when including profiles in change sets.
|Resolution||It's not possible to upload a change set containing only profiles so you'll need to make sure that a component is also included. Profiles are not officially supported as individual components in change sets as per the Components Available in Change Sets documentation. Although profiles are available and can be selected with other components, there are limitations on what specific parts of the profile's permissions can be deployed via change sets.
See About Permission Sets and Profile Settings in Change Sets for an overview of what profile and permission set settings may be included or require supporting components and additional considerations.
Please refer to the following information which provides an outline of potential causes for profile discrepancies that may exist between the source and target orgs when including profiles in change sets:
- Adding profiles or permission sets to outbound change sets is designed to allow administrators to migrate permissions for users so they can access new functionality. Including profiles in change sets is NOT designed to be a tool or method to update profile settings and permissions for functionality already existing in the target environment as per the Change Sets Best Practices documentation.
- Starting in API version 30.0, when deploying a new custom field, the default values for the editable and readable fields in profile field permissions are false. To override the default values, include field permissions for the new field in your profiles.
- A deployment containing a profile and record type, but not the assigned page layout for that record type, removes the existing layout assignment from the profile for that record type. Always include all page layouts for all required record types in the change set. See the Special Behavior in Deployments documentation for more details.
- Profiles or permission sets and field-level security — The contents of a retrieved profile or permission set depend on the other contents of the retrieve request. For example, field-level security for fields included in custom objects is returned at the same time as profiles or permission sets.