IIS Management and ASP.Net Impersonation

I am attempting to write a web application that will allow various users
(under very tight security) to control IIS.

I am using Microsoft.Web.Administration.dll to do this.

If I try the following:

ServerManager iisManager = new ServerManager();
iisManager.Sites.Add("NewSite", "http", "*:8080:", "d:\\MySite");
iisManager.CommitChanges();

I get the error:

Filename: redirection.config
Error: Cannot read configuration file due to insufficient permissions


Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Filename:
redirection.config
Error: Cannot read configuration file due to insufficient permissions



ASP.NET is not authorized to access the requested resource. Consider
granting access rights to the resource to the ASP.NET request identity.
ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5
or Network Service on IIS 6) that is used if the application is not
impersonating. If the application is impersonating via impersonate="true"/>, the identity will be the anonymous user (typically
IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in Explorer,
choose "Properties" and select the Security tab. Click "Add" to add the
appropriate user or group. Highlight the ASP.NET account, and check the
boxes for the desired access.


What account should I set ASP.Net to impersonate to be able to have the
required permissions for this operation?

Regards
Mick Walker