@Weng said:@joe.edwards said:OK, but supposing website A brings down websites A, B, C, D, E, F, G, H, I, J, and K Why are they sharing an application pool? Application pools don't cost nothin' but some RTFM, ya know The client I'm currently working for deploys all related applications in the same application pool. These applications also share the same technical user id. So App1 could access data from a related App2. The project manager refuses to request a new user id because it just too much work and takes ages to get things done.On the mainframe side things are even worse: all users are in 1 of 2 groups and some are in both. Group 1 gives access to all stored procedures and group 2 gives access to all tables. All technical users of .NET applications are in the 'stored procedure' group and therefore can access any stored procedure they like, even the ones that create new contractsI already proposed to the client to let our company perform an audit on security and identiy management but they don't see any problem with this. Since all stored procedures are written by them, everything is perfectly fine and nothing can possibly go wrong in their opinion. The mainframe devs here are very reluctant to even listen to what a .NET developer has to say.[rant]My current project has just been delayed because of problem with mainframe jobs. We have a .NET job that hourly forwards status reports to the mainframe. Every time a status changes a new report is sent but there are some external events that also trigger the sending of a report even if the status hasn't changed. One status is that "an external has requested payment for their services". When mainframe sees that status, it will issue a payment. When a same report arrives a few hours later with the same status, it will issue a payment again... You'd say that the obvious solution is to add a flag to a DB2 table to indicate that the external party has already been paid. But not according to the mainframe guys because that would mean they have to admit their code is wrong. They want to examine all events that can trigger the sending of a duplicate report and eliminate them one by one. Sometimes I really hate mainframe devs[/rant]