Hi, is there a reason the security entities in an ACL not to be affected by changes in the membership or role provider? And one more question: Why the Remove method in AccessControlList class is not virtual? I have DBAccessControlList, which derives from AccessControlList and I want to manage the roles and users, which have been deleted.Thanks in advance