Changing the impersonate value of the identity element in the web.config of a SharePoint web application is not supported
By default, the web.config of a SharePoint web application contains the <identity impersonate="true" /> element that allows the application to impersonate the currently logged on user. Any change in this configuration is not supported.
Disabling impersonation by changing the value of the impersonate element from 'True' to 'False' provides every logged on user with the application pool account privileges (the highest level of permissions) regardless of their actual rights in SharePoint.
Article ID: 2564833 - Last Review: 06/24/2011 16:07:00 - Revision: 5.0
Microsoft Windows SharePoint Services 3.0, Microsoft Office SharePoint Server 2007, Microsoft Office SharePoint Server 2007 for Internet Sites, Microsoft SharePoint Foundation 2010,