OK, this is nutts. I have an asp.net app running on a windows 2003 server. I have my site directory security settings in IIS set to Integrated Windows authentication with anonymous access disabled. In my code I am using the directoryInfo class to access a folder on my server to serve up downloadable files. Instead of using the user I logged in as when I first hit the site "mydomain\myuser" It is trying to access the directory as "IUSR_2003SERVERIIS" That is the default user for anonymous access. What the hell? does the directory info class ignore IIS settings and use whatever the hell it feels like. Is there any way to force it to use the user I logged in as? I'm trying to restrict access to my shared folders only to the people I give read permission to. I can't do that if every user looks like they are "IUSR_2003SERVERIIS".