Hi, I need to authenticate my users against a central security server using
their domain logon. Windows Integrated Authentication doesn't seem to fit as
that uses ACLS and the like, what other alternative do I have - the users
shouldn't need to enter their username or password, it should pick them up
automatically.

Windows Integrated Authentication is for *authentication*

ACLs are for *authorization*

Those are two different concepts. You can still using Integrated Windows
Auth (IWA) without setting any special ACLs (you could leave the ACL as
"Everyone: RX")

In a HTTP conversation, it is up to the browser to send credentials to the
server. there is no "magic" way that the server can somehow get the user's
credentials without the user's (or the user's browser's) co-operation.

IE can be made to attempt an auto-logon if you can meet the relevant
requirements:
http://support.microsoft.com/?id=258063

Cheers
Ken

IIS7 with multiple web sites - Windows Auth only working on localhost
Could not load type 'System.Web.Security.AccessRoleProvider'
UNC Share causing Internal Server Error 500
Virus in IFRAME injected into our ASP pages (downloader trojan on client)
Login not require a domain in IIS hosted site?
Dual https on same server not working
Certificate Installed Now I can't log into the Site
ITS Windows 2003 IIS 6.0 SSL - error 404
Disable or Control certificate auto-import?
IIS Authentication