Windows 2003 permissions and Process Monitor output

I am configuring MS Access Internet Synchronization which I've done
several times on Windows 2003 without issue over the past few years
but this I can't get the anonymous user to be able to create files in
my dropbox directory.

On the surface, this looks to be a permissions issue but I don't
understand what the right lever is to fix it. I set up a virtual
directory in IIS 6 with read/write privileges and anonymous access
using an account I created called IUSR_Dropbox. Using the MS utility
bigpost.exe (fetched from Trigeminal), I can overwrite existing files
but when creating a new
file, it fails with a "404.0 2" error in the IIS log. Using Process
Monitor, I can see that it fails with a "FILE NOT FOUND" and here is
the output:

19293 12:24:49.2579997 PM w3wp.exe 3720 CreateFile C:\Inetpub\Testdrop
\test1.tmp NAME NOT FOUND Desired Access: Generic Read, Disposition:
Open, Options: Open For Backup, Attributes: RE, ShareMode: Read,
Write, Delete, AllocationSize: n/a, Impersonating: MYSERVER
\IUSR_Dropbox
19294 12:24:49.2583137 PM w3wp.exe 3720 CreateFile C:\Inetpub\Testdrop
\test1.tmp NAME NOT FOUND Desired Access: Read Data/List Directory,
Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-
Directory File, Complete If Oplocked, Attributes: n/a, ShareMode:
Read, AllocationSize: n/a, Impersonating: MYSERVER\IUSR_Dropbox

Since IUSR_Dropbox has full control, is a member of Users which have
full control, and has been assigned to the Administrators group (all
these only temporarily for testing ;-), why does CreateFile fail and
how can I fix this? At this point, I feel like I've run out of
permissions to assign!

Other items of interest that may be of use:
- special permissions shows "Create File / Write Data" is checked
- AccessEnum shows write access to directory for Administrators, NT
Authority/System, and Users but does not list IUSR_Dropbox. Is this
because IUSR_Dropbox is a membor of Users and Administrators or is
this a clue to what is going on? Right clicking on the directory and
looking at security, I have confirmed many times that IUSR_Dopbox has
full control.
- The /testdrop directory is not shared

Since I previously set this up on Windows 2003 and manually applied
service pack 1, is there some change with Windows 2003 R2 which I am
using now? Is there an local security, IIS 6 setting or something else
that blocks anonymous users from creating files (remember that I can
overwrite an existing one).

Thanks!

Re: Windows 2003 permissions and Process Monitor output

Applying SP2 did not fix the problem. I ended up opening a ticket on
this with Microsoft and after several days of making no progress, an
uninstall including IIS, SMTP, common files and one of the machine
keys (C:\Documents and Settings\All Users\Application Data\Microsoft
\Crypto\RSA\MachineKeys) and then a reinstall fixed it.

This was the second time IIS was uninstalled/reinstalled and the first
time did not fix it but I did not uninstall the common files and SMTP
server nor was the machine key deleted. So, I still can't say what was
wrong with the configuration out of the box but clearly the only way
to fix it was a complete reinstall.

HTH,
Jim