Goal: I need to use Windows Groups to determine access to certain
controls on an intranet web app.

Specs:
1. I can only use Windows Authentication.
2. IIS6.

What I have done so far:
1. I have an application already in use that uses Windows
Authentication.
2. I added two new groups each with users to my local machine.
3. I added this code in the web.Config:
<identity impersonate="true"/>
<authentication mode="Windows"/>
<authorization>
<allow roles="WORK\Administrators" />
<allow roles="LOCAL\Administrators" />
<allow roles="LOCAL\Basic" />
<allow roles="LOCAL\Master" />
<deny users="*" />
</authorization>
4. I have this code in the code-behind of my start page:
Dim authUserName As String
authUserName = User.Identity.Name.ToUpper.Trim
Session("Username") = authUserName
If Principal.WindowsIdentity.GetCurrent.IsAuthenticated
Then
Server.Transfer("main.aspx")
End If

Questions:
1. How can I determine the Group name of the user when they log in?
2. How can I set up my local machine to test my program?