One of the new features of ASP.NET 2.0 that I you may have heard about is role providers.  Out of the box there is a Sql Role Provider and a Windows Token Role provider (the access one was removed from beta 2).  You can also of course create your own by doing some inheritance (i.e.: Blue Chip Role Provider). 
The role provider you are using is configured in the web.config.  I would include some sample code, but I am pretty sure they changed the entire syntax for configuring it and I am yet to figure it out using the CTPs. 
What I am going to talk about today is more about the Roles (System.Web.Security) class and NTLM.  There are also numerous controls that make use of roles, that I will touch on at some point in the future.
When using ntlm authentication, the roles class can prove to be quite useful.  It has several member methods that will allow you to determine if the user belongs in a particular Windows NT security group, etc.  This is a lot easier than in the past where you had to use ADSI objects (which basically just used Interop). 
The two methods that may be of use when using NTLM are IsUserInRole() and GetRolesForUser().    IsUserInRole will tell you if a user is in a particular Windows NT security group (i.e.: DTG\WWWThrifty).  GetRolesForUser can be used to troubleshoot access issues by returning an array of roles that the user belongs to.
An example of GetRolesForUser can be viewed at:
This is only a handful of the methods that this class has.  There are a lot more methods that you can use when using a SqlRoleProvider.  These other methods allow you to add users to roles, create new roles, configure the cookie that the roles are stored in, etc.  I'll touch on these more in the future.

Read the complete post at