Read IIS6 documentation on changing the Application Pool Identity. It
calls out the exact reason why Integrated Auth+Custom AppPool Identity
+Domain Server fails and how to fix it. Basically, when you start
customizing, you better know more about the security implications and
requirements of the customization -- no way to just ignore it as
"bizarre". Security is not easy nor is it automatic.
Unfortunately, the link is no longer valid but that information should