Step 2: Modify Admin Web.Config
In the StaffView installed directory, under /Admin/ open up web.config in Text Editor such as NotePad, and so that IIS allows specific users to enter the Administration section:
WARNING: There are 2 Web.config files in StaffView application, make sure you are changing the one under /Admin/ NOT THE ONE on the ROOT.
In this example, we allow (using <allow> tags) users "jsmith" and "kford" under the domain "olive" to use the administration section, all other users will get denied. (using the <deny> tag).
Special Notes:
1. Domain "Group" and "Roles" DO NOT WORK, you have to specific EACH users.
e.g. <allow roles="olive\Domain Users"> Does not work - "Domain Users" is a group name
2. If you don't have a domain (Active Directory), then you don't have to put "domain\" in the front, but you may need to put the machine name,
e.g. "MachineName\UserName".
Sample of Web.config (For Multiple Users + Windows Authentication)
<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.web>
<authorization>
<allow users="olive\jsmith"></allow>
<allow users="olive\kford"></allow>
<deny users="*"></deny>
</authorization>
</system.web>
</configuration>
Default Web.config (Original - Single User + Form Authentication)
<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.web>
<authorization>
<allow users="admin"></allow>
<deny users="*"></deny>
</authorization>
</system.web>
</configuration>