Understood. I probably would not use it either in an Internet scenario if possible. Just like to throw options out to stimulate further thinking.

>Hi, Bill-
>
>>
>>One possibility to throw into the pool for thought is to not run under the ASPNET worker account, but use impersonation to run under an account that has rights to the necessary resources. I have an application here I am doing that with in an Intranet scenario. There are security issues, of course, with higher privileged accounts but just a thought to generate more thought on the issue.
>
>Thanks for the suggestion. I'd be hesitant to use impersonation for an Internet application. The network has been badly compromised and we're looking to lock things down more tightly, so I want to keep privileges minimal.