You have several different components to identity.

You have set up your IIS application to use the authenticated user for
Windows Requests.

ASP.NET is a separate process, and by default runs under the ASPNET account
(unless you change this in your machine.config).

To get your app to use the authenticating credentials instead of ASPNET, you
need to add the following line to your web.config:

<identity impersonate="true"/>

--
Chris Jackson
Software Engineer
Microsoft MVP - Windows XP
Windows XP Associate Expert
--
"xiaohang zhu" <zhuxiaohang@hotmail.com> wrote in message
news:5e7343af.0307160734.7243b5b1@posting.google.c om...
> Hi,
> I build a asp.net application for my company and try to set up the
> security. Here is the set up.
> 1. Winnt 4 network
> 2. Win2000 server IIS 5 web server
> 3. Asp.net application which will read and write information to a MS
> Access database.
> 4. Asp.net application resides in a virtual directory
> 5. Use only Integrated authentication method in IIS, Anonymous
> access is disabled.
> What I need is to restrict the write permission to a group of
> people. Not everybody can write to the database. But with the above
> set up, I can't even read the web page. It will display the error
> "Server Error in '/' Application".
> Then I add the default group everyone into the NTFS permission of the
> folder, then I can read the page. But if I use group Domain user
> instead, it doesn't work.
> Please tell me how to set up the security with this senorio. Thanks
> a lot.
>
> Jerry