Hi. I wrote an ASP app that requires the logon id of Intranet (all IE4) users. According to documentations, I&#039ll need to either turn off Anonymous Access in MMC or take out IUSR from NTFS. Both worked fine. However, the problem came once the user tries to get out of the app and return to just a normal web site (ie Anonymous Access enabled in MMC) within the Intranet (under the same WWWRoot). It prompted for login/pwd again and no matter what the user types, it gives an ACL error. It only works if the user reloads the page or if the user is explicity added to the NFTS permission.<BR><BR>Is that normal or am I missing something? Thanks for your advice.