I would imagine this is due to the fact that you have not created a user
context within the XMLDOM object. If you were doing this in jscript on a web
page, the new object might inherit from the calling page (I'm guessing there,
but think of it like opening another browser window).
Because you're doing this in LS on the server, there is no connection between
the effective Domino user and the XMLDOM object. Take a look at the XMLDOM
documentation to see if there is some way of injecting the user/password into
the object. You may have problems here with Domino's authentication method, as
this relies on a cookie I beleive. also, sesion based authentication or not
may make a difference.