I was actually talking about checking the Security settings on the folder itself. Do this via Windows Explorer. Get to the folder of this specific site and right click on the folder or file within that folder that you want to check the permissions and look at the properties. On the 'Security tab', you'll want to check who has permissions. If you want everyone to access the site, add IUSR_YOURMACHINENAME, possibly the Everyone group and verify their access levels. Generally the IUSR account needs close to full access. While I unfortunately don't get to work with SQL Server (I'm forced to use Access), I have to give the IUSR account 'Full Control' over the folder.
Also is 'Allow Anonymous Access' checked in IIS Management? Of course you only want to check this if it's what you want.
If none of this works, I would check SQL Server security settings. It could be that only the "Administrators" group is being given access to your SQL Server.
Sorry, what I meant by that quote was if a user types in the url of the asp page i.e. http://test/test.asp then they get the login box, but if they type in a non asp page url i.e. http://test/test2.htm then they don't get the error- I was trying to let you know that it wasn't a site permissions problem (overall permissions are set in root folder). If that makes sense!!! Ta for the help so far!!!
The DSN is on the 2000 server. I've looked at the config of this DSN using the ODBC data sources admin thingy and it is set to 'verify the authenticity of the login ID' with Windows NT authentication using the network login ID.
Do need to manually edit this file?
Sorry if I'm being a bit thick, I'm a bit new to this part of things!