I am setting up a Intranet website for my company.<BR><BR>Senario:<BR>1. The intranet web application will run on an NT box where IIS is running.<BR>2. Every user of this web application has a valid userID on this NT machine.<BR>3. Also the user has a valid userID on SQL server database.<BR>4. As soon as the user types www.mycompany.com, he will be prompted for tying his <BR>UserID and password and then my ASP code checks if this user has a valid UserID on the<BR>SQL server database. If he has he will be allowed to access the web pages otherwise <BR>he will redirected to the same login web page.<BR><BR><BR>Questions:<BR>1. related to scenario 4. Should I be doing this kind of database security or should I create<BR>UserID table in the SQL server database and validate the User&#039s against that table?<BR>2. What IIS authentication should I be using for my web pages. Basic/NT challege/Anonymous.<BR>3. For each of the above authentications should we setting up or changing anything on NT<BR>security part.<BR><BR>Kindly someone Enlighten me Please<BR>Thank You<BR>Nath