I am using Small Biz Server 2003 Standard. I set all users the exact same way on server, (as plain users) By default all users have access to OWA and Remote Web Workplace. For security reasons I removed these groups from the user (Mobile Users, and Remote Web Workplace Users) they were not using these features at that time. Well later on when the users wanted to use these services I added these groups back to the users and OWA and Remote Web Workplace would not allow login from these users. I deleted the users and recreated the users and it worked fine for a few days. I deleted and replaced user again and it lasted about 12 hours. Both times using the same username and email alias. The last time I did this I made sure that I deleted the users mailboxes from Exchange. I am thinking it has something to do with IIS security, but I dont know how to go about removing all old users entries from IIS for these two services (OWA and RWW).