My company is installing a backoffice product management solution that will be accessed over our VPN, running on Windows 2000 Server. Long story short, we are having trouble accessing the database remotely and the vendor is claiming that this is a Windows 2000 Server security issue. I have set file-level permissions for all approved users, everyone, and even included the IUSR guest account. No help. Still, they claim I have a security problem. My question is how do I swing the barn door wide open and allow anyone, anywhere to access any and all files on the server. I know it sounds sort of silly, but this is the only way I can think of to show once and for all that our client-side database problems are not Windows 2000 related. Thanks in advance.