|Microsoft Internet Security and Acceleration Server 2004 SDK|
It is possible to access ISA Server administration objects from active server pages (ASPs). However, an ASP that uses ISA Server administration objects may not work under the default IIS setting that allows anonymous access, resulting in an access denied error. This is because when anonymous access is enabled, your ASP page will not have access to ISA Server storage, and there is also a possibility that permission issues will arise.
In order for the ASP to successfully use the ISA Server administration objects, you must disable anonymous access in IIS. Users with permissions will then be allowed to run the ASP page. Users without permissions will continue to get an access denied error, as they would have under anonymous access.
For information on how to disable anonymous access in IIS , see MSDN.