I have a login page that the user submits username/password to.<BR>The ASP page verifies the credentials through an ADSI object and that works fine. I also need to iterate through the groups that user belongs to. If I goto the login page and login as a user who belongs to the "administrators" group on the domain controller, it works fine. If they don&#039;t belong to the administrators (or domain admins etc..) I get an access denied message.<BR>Any ideas to get around this? I guess I could check for that error number and then on error pass the admin credentials to get the info but that just doesn&#039;t seem secure. I thought domain users could query the ADSI. Using Win2K, IIS 5.