Windows Authentication just killing me

Let me explain step by step what I did

My web.config (VS 2005)

<authentication mode="Windows"/>

<identity impersonate="true"/>

<authorization>
<allow users="stmae\xyz,stmae\abc" />
<deny users="*"/>
</authorization>
<customErrors mode="Off" defaultRedirect="NoAccess.htm" >
<error statusCode="403" redirect="NoAccess.htm" />
</customErrors>
<!--

I have a windows 2003 server running IIS 6 and SQLServer 2000 (both on the same machine)

Sql server running under mixed Mode(windows and sql authentication)
I created accounts for stmae\xyz and stmae\abc in SQLserver made dbowner to the database.

On IIS, I unchecked anonymous authentication

Checked Integrated windows authentication

It lets xyz in which is me but not the stmae\abc .
It comes up with a login screen and says Logon failed due to server configuration.Verify that u have permission to view this directory...
etc

Why?Please help.You could check the rights for the user 'abc'.

Also, I doubt this is the case but put a space in between each allowed user. Like so:
<allow users="stmae\xyz, stmae\abc" />
A space after the comma.

Worth a shot