My questions is two-fold as I am an IIS newbie.

I have created a website successfully via IIS 7.5 with anonymous security. Users are authenticated via a SQL database table.

In IIS Manager, under my website, I have added a virtual directory pointing to a Windows network share folder within our domain. What I'm trying to do is allow only authenticated users the ability to view (not write) files I've specified in my web application, all of which are within this Windows network share.

Therefore, my first question is about the mere creation of the virtual directory. What settings should I ensure are done?

Secondly, regarding the Windows network share, what user account should I enable access? I've read much in many forums, some say IUSRS; some say IIS_IUSRS; some say others, etc.

Thank you in advance.