Hi,

So wouldn't the following scenario work:

Disable annon access in IIS so that everyone comes in to ASP with their windows credentials. In ASP specify Forms authentication so they initially get redirected to the Login page but then use the Windows credentials to authenticate the user.

Regards,
Viv

>I am only dealing with intranet, not internet. The problem with Windows authentication is that it wants to use Active Directory Groups as the Roles. I can't use those groups for the roles, I need to use my own Roles. Forms authentication makes you use your own roles. So, I want the user authentication provided by Windows authentication, but the Role management provided by Forms authentication.
>
>Chad
>
>
>>Hi,
>>
>>I may be wrong but it seems to me the only way to handle this is to use different entry pages for Intranet and Internet users. Disable anonymous access in IIS for the Intranet page, enable it for the Intranet page then redirect both to a common entry point. There you can check the windows credentials in ASP. If it is the Anonymous account then perform your own authentication/authorisation; otherwise set authorisation by Windows goup.
>>
>>Regards,
>>Viv