I found only one thread relating to this but it did not answer the question.
I'm curious to a link or explanation of the difference between setting an impersonation user via in the web.config versus setting the application pool identity in IIS. They seem to be independent and am confused on the detailed differences. Thanks.
An application pool identity allows you to run an application pool under a unique account without having to create and manage domain or local accounts. The name of the application pool account corresponds to the name of the application pool.
Identity theft is when someone steals your personal information and uses it to access your banking, credit, or any other type of financial account. Impersonation is when someone pretends to be you. They may use social media to get information about you, then they use that information for their own purposes.
An application pool defines a group of one or more worker processes, configured with common settings that serve requests to one or more applications that are assigned to that application pool.
Using impersonation in the web.config allows you to override whatever identity was configured for the Application Pool the app is running under - it's just a more fine grained method to control identity ( on the app level vs. the ApplicationPool level), so you could have two apps run on the same AppPool, but one of them uses impersonation to use another identity.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With