Bob:

I take it you are using Mixed Mode Authenication? If so you can be authenicated by Windows NT or SQL Server. The book I have says the user must choose which method to use, but it doesn't say how. This may mean that if a user is connecting with a "trusted client" SQL Server automatically tries to authenicate them on NT then on SQL Server. For non trusted clients like web browsers, SQL Server does the authenicating.

All my users are trusted clients, so I just let SQL Server do it in both places and never had any problems.

Charlie