When we build and test DNA applications, it's easy to just log in as the local system administrator and run the application. In many cases, we might even do this on the machine that hosts the underlying services, such as IIS, MTS, MSMQ and SQL Server. It's fast and there are no network delays, and—more to the point—the application doesn’t keep complaining about user permissions and denying access to components or files. With a complex application it is hard enough to get it all together without any extra grief caused by NT being awkward about who gets to access what resources.
This is fine until you move the application to its real working environment where it all falls over because the security environment, server configuration, and NT Services settings are different. To avoid this, you need to be familiar with the way that DNA allows the application components to authenticate each other without relying on specific user permissions.