Point of my Scenario:
1. I am admin of a Windows Server 2003 domain
2. A member server running Windows Server 2003 is implemented as an IIS web server
3. There is a configured user right that is assigned to the IIS_WPG account on the member server: "Impersonate a client after authentication". Administrators and SERVICE accounts are also assigned this user right.
QUESTION: Why does the IIS_WPG group need this user right?
REASON: I need to know if I can remove this group ( IIS_WPG) from the specified user right without breaking the web application/web service on this server. I will have to document documentation for retaining or removing this user right from the IIS_WPG group.