I tried to use request.servervariables("logon_user") to get the nt username so i could attempt to check wether a user has the rights to edit there personal details online. However i found out that the string is empty unless you check off the allow anon users check box in IIS. The problem with this is that it now asks for the challenge response password which i dont want.<BR><BR>Does anyone have any different idaea on this one<BR><BR>thansk for your time