I am absolutely stumped by this one:
We have a Win2K machine named NewBox.
Default internet guest user: IUSR_Newbox
Default process launch user for IIS (for COM objects, ODBC drivers, etc): IWAM_Newbox (in other words, the usual setup you get from a Win2K install).

We changed the machine's name to Hotstuff. And we changed the names of these two built-in accounts to IUSR_Account and IWAM_Account to make their names generic.

This is when the trouble started.

The IUSR_Account works exactly as you would expect it would with NTFS security issues. It's basically a renamed version of the same identity that was associated with IUSR_Newbox.

However, the IWAM_Account (even though it is NOW literally called the Process Launch account by the system itself when you look in User Manager)... it is NOT being used by IIS as the account to assume when launching COM Servers and other DLL's loaded by IIS. Instead, the _old_ IWAM identity is still floating around out there (even though it's no longer visible in User Manager), and IIS is still using the old identity for this!

You might ask: Why is this such a big deal? Because it's VERY confusing trying to figure out why this is happening, and it obfuscates which account should be given permissions to folders/files that are being accessed by COM servers and ODBC drivers in my Active Server Page applications. You would think that ODBC access to XXX.DBF requires permission granted to IWAM_Account, but NO!!!.... it still requires that permissions be granted to IWAM_Newbox, even though IWAM_Newbox doesn't even seem to exist as an account on the machine any more. And I cannot figure out how to reassign this.

How in the world can you name the IWAM account the way you want to and then grant it permissions as desired?

Thanks!