I'm trying to give permission to a folder on a file server to a webpage running in IIS on a web server. Both machines are on a Windows network but there's no Active Directory domain.

So I've done the setting up impersonation thing where each machine has a user with the same name and I've told IIS to use ASP.net impersonation and for one request I think it actually worked. The trouble is that I made a change to web.config and the ASP.net impersonation setting was automatically disabled! So I tried adding impersonation=true to web.config and then my website starting freaking out and demanding that I log in because it kept redirecting me to my forms authentication log in page.

So why do forms authentication and impersonation seem to clash?

My next idea is to access the file server via a web service and stream the files over http. I'll be grabbing the cloud and pushing it inside my server! (Which is of course ridiculous.)

Someone on Stack Overflow suggested I check out the identity assigned to the application pool. But I don't understand how can the app's identity and its impersonated user be differnet in the first place?

Cheers, Ian.