I've been trying to use documentation and avoid asking the list, but I'm stumped now. I have three Zope 2.3 servers on RedHat 7.0, each running a ZEO client to get their ZODB storage from a ZEO server running on NT4. Users login with this DTML method: <dtml-let userid="REQUEST['AUTHENTICATED_USER'].getUserName()"> <dtml-call expr="RESPONSE.redirect('/base/People/' + _['userid'])"> </dtml-let> which forces a login and points them to their home folders, in a folder called "People." In there, they see their own files, and a "management" icon for each, that points to DTML containing this snippet: <dtml-let quotedEWItem="EWurl_quote(_, _.None, EWparam=_['EWItem'])" currentFileName="_.string.split(_['EWItem'], '/')[-1]"> For document:<br>    <a href="<dtml-var quotedEWItem>"> <span class="URLsmall"><dtml-var quotedEWItem></span></a><br> <br> <form action="EWFileEditProperties" method="POST"> <input type="hidden" name="EWItem" value="<dtml-var EWItem>"> <input type="hidden" name="EWUpdateBody" value="1"> <dtml-with "REQUEST.resolve_url(BASE0+_['EWItem'])"> <table border="0" cellpadding="6" cellspacing="2"> All was well until Thursday morning. I hate it when users tell *me* this, but I changed nothing. I do have a co-worker with a global Manager role who is not "technically oriented," but he swears he did nothing, either. Hmph. Anyway, now about half my users can login, but get an authentication error when accessing the file management icon. The error page includes this traceback: Traceback (innermost last): File /opt/Zope/ZopeInst/lib/python/ZPublisher/Publish.py, line 222, in publish_module File /opt/Zope/ZopeInst/lib/python/ZPublisher/Publish.py, line 187, in publish File /opt/Zope/ZopeInst/lib/python/ZPublisher/Publish.py, line 171, in publish File /opt/Zope/ZopeInst/lib/python/ZPublisher/mapply.py, line 160, in mapply (Object: EWFileEditPropertiesForm) File /opt/Zope/ZopeInst/lib/python/ZPublisher/Publish.py, line 112, in call_object (Object: EWFileEditPropertiesForm) File /opt/Zope/ZopeInst/lib/python/OFS/DTMLDocument.py, line 189, in __call__ (Object: EWFileEditPropertiesForm) File /opt/Zope/ZopeInst/lib/python/DocumentTemplate/DT_String.py, line 538, in __call__ (Object: EWFileEditPropertiesForm) File /opt/Zope/ZopeInst/lib/python/DocumentTemplate/DT_Let.py, line 147, in render (Object: quotedEWItem="EWurl_quote(_, _.None, EWparam=_['EWItem'])" currentFileName="_.string.split(_['EWItem'], '/')[-1]") File /opt/Zope/ZopeInst/lib/python/DocumentTemplate/DT_In.py, line 711, in renderwob (Object: Catalog({'meta_type':'Yihaw Folder'})) File /opt/Zope/ZopeInst/lib/python/DocumentTemplate/DT_Util.py, line 334, in eval (Object: REQUEST['AUTHENTICATED_USER'].has_permission('Add EW Nav Links', REQUEST.resolve_url(BASE0+getpath(data_record_id_)))) (Info: BASE0) File <string>, line 0, in ? File /opt/Zope/ZopeInst/lib/python/ZPublisher/HTTPRequest.py, line 724, in resolve_url Unauthorized: (see above) I'm a novice programmer, with a nodding acquaintance with Python at best. But from this, I read that AUTHENTICATED USER doesn't have the permission 'Add EW Nav Links' (our own concotion, obviously), and it seems that he lacks that permission in 'BASE0+getpath(data_record_id),' which I presume evaluates to the current folder? Each user has a local role of Manager in his/her own folder, which I thought is what the current folder would be. I stress that this arrangement was working until the magical voodoo of software "spontaneous degradation" took place. Anyway, users can't change their file properties, which they have to do. I have checked the permissions for the broken accounts compared to the working accounts and can visually find no difference, but obviously there has to be something I'm missing. Any suggestions? Craig Dunigan Web Programmer Esker Software