NET to impersonate the Windows iden.y supplied by IIS as the WindowsIden.y for the ASP.NET application, edit the Web.config file for the application and set .When using impersonation, ASP.NET applications can execute with the Windows iden.y user account of the user making the request. Impersonation is . - BUT, what did I just do here? You are now running your website under the iden.y of the client user. Is there any security risk? That would .