
I have tested this in Visual Studio 2013 and it works fine, but after publishing to the web server, I get a 401 error. Here is the code, but I don't think it's the issue. I think it's the setup on the IIS server that I inherited, since it worked in Visual Studio using my user account. Users are able to log in using Active Directory accounts and passwords on the published site, but when I try to add or remove the user programmatically in the AD group FIDO_Users is when I get the error. The update button is in a Telerik RadGrid FormTemplate, but I am just doing an OnClick from the RadButton to run the code below for AD Group updates. I have tried adding the IUSR to Active Directory since I am using Anonymous and Forms Authentication, but get the same result. What else am I missing?

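    // Requires: using System.DirectoryServices.AccountManagement; using Telerik.Web.UI;
    protected void btnUpdate_OnClick(object sender, EventArgs e)
    {
        // No credentials are passed here, so the directory bind uses the
        // identity this code is running under on the server.
        PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "ducks.org");

        // Read the user name from the text box in the same form template.
        Button btn = sender as Button;
        RadTextBox rtxtb = btn.Parent.FindControl("UNameIDBox") as RadTextBox;
        string txtb = rtxtb.Text;

        UserPrincipal user = UserPrincipal.FindByIdentity(ctx, txtb);
        GroupPrincipal groupadAdmin = GroupPrincipal.FindByIdentity(ctx, "FIDO_Users");

        // FindByIdentity returns null when nothing matches.
        if (user == null || groupadAdmin == null)
        {
            return;
        }

        RadButton rbFind = btn.Parent.FindControl("rbOpen") as RadButton;
        bool rbChecked = rbFind.Checked;

        if (rbChecked)
        {
            // Checked: make sure the user is in the group.
            if (!user.IsMemberOf(groupadAdmin))
            {
                groupadAdmin.Members.Add(user);
                groupadAdmin.Save();
            }
        }
        else
        {
            // Unchecked: take the user out of the group.
            groupadAdmin.Members.Remove(user);
            groupadAdmin.Save();
        }
    }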
  • IUSR is a local account. You're going to have to pass credentials with the required AD permissions to your PrincipalContext() constructor. Either that or run this application in an app pool that runs as a user with the required AD permissions. I prefer the former method. – itsme86 Oct 20 '15 at 22:47
  • Yes, adding a user login and password of the admins to the PrincipalContext worked, but I also had to update Active Directory since it is a special group. The admins of the web app had to be on the OU with special permissions for it to work. – glstephens08 Oct 22 '15 at 20:30
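The approach from the comments (credentials passed to the PrincipalContext constructor), as an added example that is not code from the original post or its commenters. The appSettings keys `AdSvcUser` and `AdSvcPassword` and the class and method names are hypothetical; the sketch assumes a dedicated account that has been delegated permission to change membership of FIDO_Users, with the password kept in a protected configuration section rather than in source.

```csharp
using System;
using System.Configuration;
using System.DirectoryServices.AccountManagement;

public static class FidoGroupMembership
{
    // Hypothetical appSettings keys (assumption, not from the original post).
    private const string UserKey = "AdSvcUser";
    private const string PasswordKey = "AdSvcPassword";

    // Returns true when the group ends up in the requested state,
    // false when the user or the group cannot be found.
    public static bool SetMembership(string samAccountName, bool shouldBeMember)
    {
        string svcUser = ConfigurationManager.AppSettings[UserKey];
        string svcPassword = ConfigurationManager.AppSettings[PasswordKey];
        if (string.IsNullOrEmpty(svcUser) || string.IsNullOrEmpty(svcPassword))
            throw new ConfigurationErrorsException("AD service account is not configured.");

        // Bind with explicit credentials instead of the app pool / IUSR identity.
        using (var ctx = new PrincipalContext(ContextType.Domain, "ducks.org", svcUser, svcPassword))
        // Match on sAMAccountName only, so the text box value cannot resolve
        // through another identity type (DN, SID, UPN).
        using (var user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, samAccountName))
        using (var group = GroupPrincipal.FindByIdentity(ctx, "FIDO_Users"))
        {
            if (user == null || group == null)
                return false;

            // Write to the directory only when the state actually changes.
            if (user.IsMemberOf(group) == shouldBeMember)
                return true;

            if (shouldBeMember)
                group.Members.Add(user);
            else
                group.Members.Remove(user);

            // Save() is the call that fails if the account lacks rights on the group.
            group.Save();
            return true;
        }
    }
}
```

Calling `FidoGroupMembership.SetMembership(rtxtb.Text, rbFind.Checked)` from the click handler replaces the inline directory code.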
